Description
An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.
Affected Software
Related
{"id": "CVE-2022-26486", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2022-26486", "description": "An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.", "published": "2022-12-22T20:15:00", "modified": "2022-12-30T20:55:00", "epss": [{"cve": "CVE-2022-26486", "epss": 0.00258, "percentile": 0.6214, "modified": "2023-06-03"}], "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 6.8}, "severity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 2.8, "impactScore": 6.0}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-26486", "reporter": "security@mozilla.org", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=1758070", "https://www.mozilla.org/security/advisories/mfsa2022-09/"], "cvelist": ["CVE-2022-26486"], "immutableFields": [], "lastseen": "2023-06-03T14:28:38", "viewCount": 1089, "enchantments": {"score": {"value": 1.5, 
"vector": "NONE"}, "dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2022:0818", "ALSA-2022:0845"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2022-26486"]}, {"type": "altlinux", "idList": ["47DCD5EC08D59D809CDBB149CDFBD6E7", "D8D411A7EF14A0710D0723E501081B1E"]}, {"type": "amazon", "idList": ["ALAS2-2022-1779"]}, {"type": "attackerkb", "idList": ["AKB:73D239B8-4556-4977-B6ED-3297CD47F673"]}, {"type": "centos", "idList": ["CESA-2022:0824", "CESA-2022:0850"]}, {"type": "cisa", "idList": ["CISA:128CACDAC4A49084B5132404C3E20B9D"]}, {"type": "cisa_kev", "idList": ["CISA-KEV-CVE-2022-26486"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2933-1:4FD94", "DEBIAN:DLA-2933-1:7BF62", "DEBIAN:DLA-2939-1:47C35", "DEBIAN:DSA-5090-1:C4AEE", "DEBIAN:DSA-5094-1:DAC32"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2022-26486"]}, {"type": "gentoo", "idList": ["GLSA-202208-08", "GLSA-202208-14"]}, {"type": "hivepro", "idList": ["HIVEPRO:BCE2BBD9B7F60262FC88072724858373"]}, {"type": "ibm", "idList": ["8AA985F10478A217523AC3590FB9E32106E3D2C6C50A1C052E0D031713E7CD6A", "D2F4FA819023A831832A647B550E8F703EF96C1E7E396A36F150B71108876F7D"]}, {"type": "mageia", "idList": ["MGASA-2022-0089", "MGASA-2022-0094"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:0926B9218C3E3A2F591593C4962367E0"]}, {"type": "mozilla", "idList": ["MFSA2022-09"]}, {"type": "nessus", "idList": ["AL2_ALAS-2022-1779.NASL", "CENTOS_RHSA-2022-0824.NASL", "CENTOS_RHSA-2022-0850.NASL", "DEBIAN_DLA-2933.NASL", "DEBIAN_DLA-2939.NASL", "DEBIAN_DSA-5090.NASL", "DEBIAN_DSA-5094.NASL", "GENTOO_GLSA-202208-08.NASL", "GENTOO_GLSA-202208-14.NASL", "MACOS_FIREFOX_91_6_1_ESR.NASL", "MACOS_FIREFOX_97_0_2.NASL", "MACOS_THUNDERBIRD_91_6_2.NASL", "MOZILLA_FIREFOX_91_6_1_ESR.NASL", "MOZILLA_FIREFOX_97_0_2.NASL", "MOZILLA_THUNDERBIRD_91_6_2.NASL", "OPENSUSE-2022-0783-1.NASL", "ORACLELINUX_ELSA-2022-0818.NASL", "ORACLELINUX_ELSA-2022-0824.NASL", "ORACLELINUX_ELSA-2022-0845.NASL", 
"ORACLELINUX_ELSA-2022-0850.NASL", "REDHAT-RHSA-2022-0815.NASL", "REDHAT-RHSA-2022-0816.NASL", "REDHAT-RHSA-2022-0817.NASL", "REDHAT-RHSA-2022-0818.NASL", "REDHAT-RHSA-2022-0824.NASL", "REDHAT-RHSA-2022-0843.NASL", "REDHAT-RHSA-2022-0845.NASL", "REDHAT-RHSA-2022-0847.NASL", "REDHAT-RHSA-2022-0850.NASL", "REDHAT-RHSA-2022-0853.NASL", "SLACKWARE_SSA_2022-064-01.NASL", "SL_20220311_FIREFOX_ON_SL7_X.NASL", "SL_20220314_THUNDERBIRD_ON_SL7_X.NASL", "SUSE_SU-2022-0777-1.NASL", "SUSE_SU-2022-0778-1.NASL", "SUSE_SU-2022-0783-1.NASL", "SUSE_SU-2022-0804-1.NASL", "SUSE_SU-2022-14906-1.NASL", "UBUNTU_USN-5314-1.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2022-0818", "ELSA-2022-0824", "ELSA-2022-0845", "ELSA-2022-0850"]}, {"type": "osv", "idList": ["OSV:DLA-2933-1", "OSV:DLA-2939-1", "OSV:DSA-5090-1", "OSV:DSA-5094-1"]}, {"type": "redhat", "idList": ["RHSA-2022:0815", "RHSA-2022:0816", "RHSA-2022:0817", "RHSA-2022:0818", "RHSA-2022:0824", "RHSA-2022:0843", "RHSA-2022:0845", "RHSA-2022:0847", "RHSA-2022:0850", "RHSA-2022:0853"]}, {"type": "redhatcve", "idList": ["RH:CVE-2022-26486"]}, {"type": "redos", "idList": ["ROS-20220309-02"]}, {"type": "rocky", "idList": ["RLSA-2022:0818", "RLSA-2022:0845"]}, {"type": "slackware", "idList": ["SSA-2022-064-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2022:0783-1", "OPENSUSE-SU-2022:0804-1"]}, {"type": "thn", "idList": ["THN:A7F12CFE28503AADA942577C7306166A"]}, {"type": "threatpost", "idList": ["THREATPOST:D5E02B5FD2809DCACF41DA1190794921"]}, {"type": "ubuntu", "idList": ["USN-5314-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2022-26486"]}, {"type": "veracode", "idList": ["VERACODE:34513"]}]}, "exploitation": {"wildExploited": true, "wildExploitedSources": [{"type": "cisa_kev", "idList": ["CISA-KEV-CVE-2022-26486"]}]}, "twitter": {"counter": 2, "tweets": [{"link": "https://twitter.com/TheIanMay/status/1577689893710487552", "text": "Mozilla /hashtag/Firefox?src=hashtag_click contains a use-after-free vulnerability in WebGPU IPC 
Framework which can be exploited to perform arbitrary code execution [CVE-2022-26486] https://t.co/RAbnbNNvNh", "author": "TheIanMay", "author_photo": "https://pbs.twimg.com/profile_images/1541556259001978880/wM2UBjSj_400x400.jpg"}]}, "affected_software": {"major_version": [{"name": "mozilla firefox focus", "version": 97}, {"name": "mozilla firefox", "version": 97}, {"name": "mozilla firefox esr", "version": 91}, {"name": "mozilla firefox", "version": 97}, {"name": "mozilla thunderbird", "version": 91}]}, "epss": [{"cve": "CVE-2022-26486", "epss": 0.00258, "percentile": 0.62023, "modified": "2023-05-02"}], "vulnersScore": 1.5}, "_state": {"score": 1685803694, "dependencies": 1685829156, "cisa_kev_wildexploited": 1685805941, "twitter": 0, "affected_software_major_version": 0, "epss": 0}, "_internal": {"score_hash": "d52fb77a28169049c2dd6dfbe57afe88"}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": [], "cpe23": [], "cwe": ["CWE-416"], "affectedSoftware": [{"cpeName": "mozilla:firefox_focus", "version": "97.3.0", "operator": "lt", "name": "mozilla firefox focus"}, {"cpeName": "mozilla:firefox", "version": "97.0.2", "operator": "lt", "name": "mozilla firefox"}, {"cpeName": "mozilla:firefox_esr", "version": "91.6.1", "operator": "lt", "name": "mozilla firefox esr"}, {"cpeName": "mozilla:firefox", "version": "97.3.0", "operator": "lt", "name": "mozilla firefox"}, {"cpeName": "mozilla:thunderbird", "version": "91.6.2", "operator": "lt", "name": "mozilla thunderbird"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:mozilla:firefox_focus:97.3.0:*:*:*:*:*:*:*", "versionEndExcluding": "97.3.0", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:mozilla:firefox:97.0.2:*:*:*:*:*:*:*", "versionEndExcluding": "97.0.2", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:91.6.1:*:*:*:*:*:*:*", 
"versionEndExcluding": "91.6.1", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:mozilla:firefox:97.3.0:*:*:*:*:android:*:*", "versionEndExcluding": "97.3.0", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:91.6.2:*:*:*:*:*:*:*", "versionEndExcluding": "91.6.2", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1758070", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1758070", "refsource": "MISC", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2022-09/", "name": "https://www.mozilla.org/security/advisories/mfsa2022-09/", "refsource": "MISC", "tags": ["Exploit", "Vendor Advisory"]}], "product_info": [{"vendor": "Mozilla", "product": "Firefox"}, {"vendor": "Mozilla", "product": "Firefox for Android"}, {"vendor": "Mozilla", "product": "Focus"}, {"vendor": "Mozilla", "product": "Thunderbird"}, {"vendor": "Mozilla", "product": "Firefox ESR"}], "solutions": [], "workarounds": [], "impacts": [], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Use-after-free in WebGPU IPC Framework"}]}], "exploits": [], "assigned": "1976-01-01T00:00:00"}
{"attackerkb": [{"lastseen": "2023-07-09T11:23:29", "description": "An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n\n \n**Recent assessments:** \n \nAssessed Attacker Value: 0 \nAssessed Attacker Value: 0Assessed Attacker Value: 0\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-12-22T00:00:00", "type": "attackerkb", "title": "CVE-2022-26486", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-26486"], "modified": "2022-12-22T00:00:00", "id": "AKB:73D239B8-4556-4977-B6ED-3297CD47F673", "href": "https://attackerkb.com/topics/sh17IwaA7e/cve-2022-26486", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "veracode": [{"lastseen": "2022-12-31T01:01:52", "description": "firefox is vulnerable to denial of service. 
The vulnerability exists due to a use-after-free was discovered when removing an XSLT parameter in some circumstances. \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-06T15:56:59", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2022-26486"], "modified": "2022-12-22T21:39:13", "id": "VERACODE:34513", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-34513/summary", "cvss": {"score": 0.0, "vector": "NONE"}}], "cisa_kev": [{"lastseen": "2023-07-21T17:22:44", "description": "Mozilla Firefox contains a use-after-free vulnerability in WebGPU IPC Framework which can be exploited to perform arbitrary code execution.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-07T00:00:00", "type": "cisa_kev", "title": "Mozilla Firefox Use-After-Free Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 
6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-26486"], "modified": "2022-03-07T00:00:00", "id": "CISA-KEV-CVE-2022-26486", "href": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2023-06-04T13:24:07", "description": "An unexpected message in the WebGPU IPC framework could lead to a\nuse-after-free and exploitable sandbox escape. We have had reports of\nattacks in the wild abusing this flaw. This vulnerability affects Firefox <\n97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird <\n91.6.2, and Focus < 97.3.0.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | mozjs contains a copy of the SpiderMonkey JavaScript engine\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-06T00:00:00", "type": "ubuntucve", "title": "CVE-2022-26486", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": 
false}, "cvelist": ["CVE-2022-26486"], "modified": "2022-03-06T00:00:00", "id": "UB:CVE-2022-26486", "href": "https://ubuntu.com/security/CVE-2022-26486", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "alpinelinux": [{"lastseen": "2023-06-23T11:05:41", "description": "An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-12-22T20:15:00", "type": "alpinelinux", "title": "CVE-2022-26486", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-26486"], "modified": "2022-12-30T20:55:00", "id": "ALPINE:CVE-2022-26486", "href": "https://security.alpinelinux.org/vuln/CVE-2022-26486", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2023-06-03T14:40:03", "description": "An unexpected message in the WebGPU IPC framework could lead 
to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-12-22T20:15:00", "type": "debiancve", "title": "CVE-2022-26486", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-26486"], "modified": "2022-12-22T20:15:00", "id": "DEBIANCVE:CVE-2022-26486", "href": "https://security-tracker.debian.org/tracker/CVE-2022-26486", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhatcve": [{"lastseen": "2023-06-03T14:46:42", "description": "An unexpected message in the WebGPU IPC framework could lead to an exploitable sandbox escape and a use-after-free issue. 
An attacker with enough privileges could exploit this flaw leading to a complete system compromise\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-08T13:43:17", "type": "redhatcve", "title": "CVE-2022-26486", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-26486"], "modified": "2023-04-06T09:12:09", "id": "RH:CVE-2022-26486", "href": "https://access.redhat.com/security/cve/cve-2022-26486", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "prion": [{"lastseen": "2023-08-15T16:19:11", "description": "An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. 
This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-12-22T20:15:00", "type": "prion", "title": "CVE-2022-26486", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-26486"], "modified": "2022-12-30T20:55:00", "id": "PRION:CVE-2022-26486", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-26486", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-07-23T15:22:51", "description": "The version of Firefox installed on the remote Windows host is prior to 97.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-09 advisory.\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. 
(CVE-2022-26486)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-07T00:00:00", "type": "nessus", "title": "Mozilla Firefox < 97.0.2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MOZILLA_FIREFOX_97_0_2.NASL", "href": "https://www.tenable.com/plugins/nessus/158654", "sourceData": "#%NASL_MIN_LEVEL 70300\n## \n# (C) Tenable Network Security, Inc.\n# \n# The descriptive text and package checks in this plugin were\n# extracted from Mozilla Foundation Security Advisory mfsa2022-09.\n# The text itself is copyright (C) Mozilla Foundation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158654);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\"CVE-2022-26485\", \"CVE-2022-26486\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n\n script_name(english:\"Mozilla Firefox < 97.0.2\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox installed on the remote Windows host is prior to 97.0.2. It is, therefore, affected by multiple\nvulnerabilities as referenced in the mfsa2022-09 advisory.\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had\n reports of attacks in the wild abusing this flaw. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox\n escape. 
We have had reports of attacks in the wild abusing this flaw. (CVE-2022-26486)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2022-09/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Firefox version 97.0.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26486\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Firefox/Version\");\n\n exit(0);\n}\n\ninclude('mozilla_version.inc');\n\nvar port = get_kb_item('SMB/transport');\nif (!port) port = 445;\n\nvar installs = get_kb_list('SMB/Mozilla/Firefox/*');\nif (isnull(installs)) audit(AUDIT_NOT_INST, 'Firefox');\n\nmozilla_check_version(installs:installs, product:'firefox', esr:FALSE, fix:'97.0.2', severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-23T15:20:38", "description": "The version of Firefox installed on the remote macOS or Mac OS X host is prior to 97.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-09 advisory.\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. 
(CVE-2022-26486)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-07T00:00:00", "type": "nessus", "title": "Mozilla Firefox < 97.0.2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MACOS_FIREFOX_97_0_2.NASL", "href": "https://www.tenable.com/plugins/nessus/158655", "sourceData": "#%NASL_MIN_LEVEL 70300\n## \n# (C) Tenable Network Security, Inc.\n# \n# The descriptive text and package checks in this plugin were\n# extracted from Mozilla Foundation Security Advisory mfsa2022-09.\n# The text itself is copyright (C) Mozilla Foundation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158655);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\"CVE-2022-26485\", \"CVE-2022-26486\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n\n script_name(english:\"Mozilla Firefox < 97.0.2\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS or Mac OS X host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox installed on the remote macOS or Mac OS X host is prior to 97.0.2. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the mfsa2022-09 advisory.\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had\n reports of attacks in the wild abusing this flaw. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox\n escape. 
We have had reports of attacks in the wild abusing this flaw. (CVE-2022-26486)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2022-09/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Firefox version 97.0.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26486\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_firefox_installed.nasl\");\n script_require_keys(\"MacOSX/Firefox/Installed\");\n\n exit(0);\n}\n\ninclude('mozilla_version.inc');\n\nvar kb_base = 'MacOSX/Firefox';\nget_kb_item_or_exit(kb_base+'/Installed');\n\nvar version = get_kb_item_or_exit(kb_base+'/Version', exit_code:1);\nvar path = get_kb_item_or_exit(kb_base+'/Path', exit_code:1);\n\nvar is_esr = get_kb_item(kb_base+'/is_esr');\nif (is_esr) exit(0, 'The Mozilla Firefox installation is in the ESR branch.');\n\nmozilla_check_version(version:version, path:path, product:'firefox', esr:FALSE, fix:'97.0.2', severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-23T15:19:28", "description": "The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 91.6.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-09 advisory.\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. 
(CVE-2022-26486)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-07T00:00:00", "type": "nessus", "title": "Mozilla Thunderbird < 91.6.2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MACOS_THUNDERBIRD_91_6_2.NASL", "href": "https://www.tenable.com/plugins/nessus/158656", "sourceData": "#%NASL_MIN_LEVEL 70300\n## \n# (C) Tenable Network Security, Inc.\n# \n# The descriptive text and package checks in this plugin were\n# extracted from Mozilla Foundation Security Advisory mfsa2022-09.\n# The text itself is copyright (C) Mozilla Foundation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158656);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\"CVE-2022-26485\", \"CVE-2022-26486\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n\n script_name(english:\"Mozilla Thunderbird < 91.6.2\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A mail client installed on the remote macOS or Mac OS X host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 91.6.2. It is, therefore, affected\nby multiple vulnerabilities as referenced in the mfsa2022-09 advisory.\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had\n reports of attacks in the wild abusing this flaw. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox\n escape. We have had reports of attacks in the wild abusing this flaw. 
(CVE-2022-26486)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2022-09/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Thunderbird version 91.6.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26486\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_thunderbird_installed.nasl\");\n script_require_keys(\"MacOSX/Thunderbird/Installed\");\n\n exit(0);\n}\n\ninclude('mozilla_version.inc');\n\nvar kb_base = 'MacOSX/Thunderbird';\nget_kb_item_or_exit(kb_base+'/Installed');\n\nvar version = get_kb_item_or_exit(kb_base+'/Version', exit_code:1);\nvar path = get_kb_item_or_exit(kb_base+'/Path', exit_code:1);\n\nvar is_esr = get_kb_item(kb_base+'/is_esr');\nif (is_esr) exit(0, 'The Mozilla Thunderbird installation is in the ESR branch.');\n\nmozilla_check_version(version:version, path:path, product:'thunderbird', esr:FALSE, fix:'91.6.2', severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-23T15:19:28", "description": "The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2933 advisory.\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n (CVE-2022-26486)\n\n - Removing an XSLT parameter during processing could have led to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. 
(CVE-2022-26485)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-07T00:00:00", "type": "nessus", "title": "Debian DLA-2933-1 : firefox-esr - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:firefox-esr", "p-cpe:/a:debian:debian_linux:firefox-esr-dev", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ach", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-af", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-all", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-an", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ar", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-as", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ast", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-az", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-be", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bg", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-br", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bs", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca-valencia", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cak", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cs", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cy", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-da", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-de", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-dsb", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-el", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-ca", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-gb", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-za", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eo", 
"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-ar", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-cl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-es", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-mx", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-et", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eu", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fa", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ff", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fi", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-cak", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-cs", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-cy", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-da", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-de", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-dsb", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-el", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-ca", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-gb", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-za", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-eo", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-ar", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-cl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-es", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-mx", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-et", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-eu", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fa", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ff", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fi", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gd", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gu-in", 
"p-cpe:/a:debian:debian_linux:iceweasel-l10n-he", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hi-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hsb", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hu", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hy-am", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ia", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-id", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-is", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-it", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ja", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ka", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-kab", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-kk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-km", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-kn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ko", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ur", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-uz", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-vi", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-xh", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-tw", "cpe:/o:debian:debian_linux:9.0", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gd", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gu-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-he", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hi-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hsb", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hu", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hy-am", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ia", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-id", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-is", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-it", 
"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ja", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ka", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kab", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-km", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ko", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lij", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lt", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lv", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mai", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ml", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ms", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-my", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nb-no", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ne-np", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nn-no", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-oc", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-or", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pa-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-br", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-rm", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ro", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ru", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sco", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-si", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-son", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sq", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sv-se", 
"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-szl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ta", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-te", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-th", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-trs", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ur", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uz", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-vi", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-xh", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:iceweasel", "p-cpe:/a:debian:debian_linux:iceweasel-dev", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ach", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-af", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-all", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-an", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ar", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-as", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ast", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-az", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-be", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bg", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-br", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bs", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca-valencia", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-lij", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-lt", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-lv", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-mai", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-mk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ml", 
"p-cpe:/a:debian:debian_linux:iceweasel-l10n-mr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ms", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-my", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-nb-no", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ne-np", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-nl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-nn-no", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-oc", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-or", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pa-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-br", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-rm", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ro", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ru", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sco", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-si", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-son", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sq", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sv-se", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-szl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ta", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-te", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-th", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-tl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-tr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-trs", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-uk"], "id": "DEBIAN_DLA-2933.NASL", "href": "https://www.tenable.com/plugins/nessus/158681", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2933. 
The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158681);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\"CVE-2022-26485\", \"CVE-2022-26486\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n\n script_name(english:\"Debian DLA-2933-1 : firefox-esr - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-2933 advisory.\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox\n escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox <\n 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n (CVE-2022-26486)\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had\n reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR\n < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. 
(CVE-2022-26485)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/firefox-esr\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2022/dla-2933\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-26485\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-26486\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/firefox-esr\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the firefox-esr packages.\n\nFor Debian 9 stretch, these problems have been fixed in version 91.6.1esr-1~deb9u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26486\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-dev\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ach\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-an\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-as\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-az\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca-valencia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cs\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-za\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-cl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-mx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fr\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gu-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hi-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kab\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lij\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mai\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-my\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ne-np\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-oc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-or\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sco\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-son\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-szl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-th\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-trs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ur\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-xh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ach\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-an\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-as\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-az\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca-valencia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-cak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-za\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-cl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-mx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gu-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-he\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hi-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-lij\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-mai\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-my\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ne-np\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-oc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-or\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sco\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-son\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-szl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-tl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-trs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ur\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-xh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-cn\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! 
preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'firefox-esr', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-dev', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ach', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-af', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-all', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-an', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ar', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-as', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ast', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-az', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-be', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-bg', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-bn', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-bn-bd', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-bn-in', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-br', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-bs', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ca', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 
'firefox-esr-l10n-ca-valencia', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-cak', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-cs', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-cy', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-da', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-de', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-dsb', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-el', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-en-ca', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-en-gb', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-en-za', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-eo', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-es-ar', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-es-cl', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-es-es', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-es-mx', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-et', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-eu', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-fa', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ff', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-fi', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-fr', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': 
'9.0', 'prefix': 'firefox-esr-l10n-fy-nl', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ga-ie', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-gd', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-gl', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-gn', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-gu-in', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-he', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-hi-in', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-hr', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-hsb', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-hu', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-hy-am', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ia', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-id', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-is', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-it', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ja', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ka', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-kab', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-kk', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-km', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-kn', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': 
'9.0', 'prefix': 'firefox-esr-l10n-ko', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-lij', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-lt', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-lv', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-mai', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-mk', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ml', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-mr', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ms', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-my', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-nb-no', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ne-np', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-nl', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-nn-no', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-oc', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-or', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-pa-in', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-pl', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-pt-br', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-pt-pt', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-rm', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ro', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': 
'9.0', 'prefix': 'firefox-esr-l10n-ru', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-sco', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-si', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-sk', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-sl', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-son', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-sq', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-sr', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-sv-se', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-szl', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ta', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-te', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-th', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-tl', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-tr', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-trs', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-uk', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-ur', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-uz', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-vi', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-xh', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'firefox-esr-l10n-zh-cn', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 
'prefix': 'firefox-esr-l10n-zh-tw', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-dev', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ach', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-af', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-all', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-an', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ar', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-as', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ast', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-az', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-be', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-bg', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-bn', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-bn-bd', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-bn-in', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-br', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-bs', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ca', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ca-valencia', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-cak', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-cs', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-cy', 'reference': 
'91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-da', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-de', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-dsb', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-el', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-en-ca', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-en-gb', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-en-za', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-eo', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-es-ar', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-es-cl', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-es-es', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-es-mx', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-et', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-eu', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-fa', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ff', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-fi', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-fr', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-fy-nl', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ga-ie', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-gd', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-gl', 'reference': '91.6.1esr-1~deb9u1'},\n 
{'release': '9.0', 'prefix': 'iceweasel-l10n-gn', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-gu-in', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-he', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-hi-in', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-hr', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-hsb', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-hu', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-hy-am', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ia', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-id', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-is', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-it', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ja', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ka', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-kab', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-kk', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-km', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-kn', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ko', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-lij', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-lt', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-lv', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-mai', 
'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-mk', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ml', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-mr', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ms', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-my', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-nb-no', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ne-np', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-nl', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-nn-no', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-oc', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-or', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-pa-in', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-pl', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-pt-br', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-pt-pt', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-rm', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ro', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ru', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-sco', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-si', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-sk', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-sl', 'reference': '91.6.1esr-1~deb9u1'},\n 
{'release': '9.0', 'prefix': 'iceweasel-l10n-son', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-sq', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-sr', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-sv-se', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-szl', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ta', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-te', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-th', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-tl', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-tr', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-trs', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-uk', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-ur', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-uz', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-vi', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-xh', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-zh-cn', 'reference': '91.6.1esr-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceweasel-l10n-zh-tw', 'reference': '91.6.1esr-1~deb9u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && 
reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox-esr / firefox-esr-dev / firefox-esr-l10n-ach / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-25T17:12:51", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5314-1 advisory.\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n (CVE-2022-26486)\n\n - Removing an XSLT parameter during processing could have led to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. 
(CVE-2022-26485)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-06T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS / 21.10 : Firefox vulnerabilities (USN-5314-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-07-12T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:21.10", "p-cpe:/a:canonical:ubuntu_linux:firefox", "p-cpe:/a:canonical:ubuntu_linux:firefox-dev", "p-cpe:/a:canonical:ubuntu_linux:firefox-geckodriver", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-af", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-an", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ar", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-as", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ast", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-az", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-be", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bg", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bn", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-br", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bs", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ca", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cak", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cs", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-csb", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cy", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-da", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-de", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-el", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-en", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-eo", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-es", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-et", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-eu", 
"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fa", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fi", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fr", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fy", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ga", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gd", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gl", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gn", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gu", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-is", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-it", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ja", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ka", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kab", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kk", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-km", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kn", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ko", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ku", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lg", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lt", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lv", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mai", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mk", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ml", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mn", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mr", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ms", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-my", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nb", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ne", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nl", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nn", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nso", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-oc", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-or", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pa", 
"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pl", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pt", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ro", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ru", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-si", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sk", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sl", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sq", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sr", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sv", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sw", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-szl", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ta", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-te", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-th", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-tr", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-uk", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ur", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-he", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hi", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hr", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hsb", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hu", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hy", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ia", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-id", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-uz", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-vi", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-xh", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zh-hans", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zh-hant", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zu", "p-cpe:/a:canonical:ubuntu_linux:firefox-mozsymbols"], "id": "UBUNTU_USN-5314-1.NASL", "href": "https://www.tenable.com/plugins/nessus/158646", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin 
were\n# extracted from Ubuntu Security Notice USN-5314-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158646);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/12\");\n\n script_cve_id(\"CVE-2022-26485\", \"CVE-2022-26486\");\n script_xref(name:\"USN\", value:\"5314-1\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS / 21.10 : Firefox vulnerabilities (USN-5314-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.10 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the USN-5314-1 advisory.\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox\n escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox <\n 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n (CVE-2022-26486)\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had\n reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR\n < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. 
(CVE-2022-26485)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5314-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26486\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:21.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-geckodriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-an\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-as\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-az\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-csb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-en\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-eo\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ia\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ku\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mai\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mr\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-my\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ne\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nso\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-oc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-or\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sr\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-szl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ur\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-xh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zh-hans\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zh-hant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-mozsymbols\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. 
/ NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('18.04' >< os_release || '20.04' >< os_release || '21.10' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04 / 21.10', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '18.04', 'pkgname': 'firefox', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-dev', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-geckodriver', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-af', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-an', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ar', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-as', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ast', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-az', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-be', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 
'pkgname': 'firefox-locale-bg', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-bn', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-br', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-bs', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ca', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-cak', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-cs', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-csb', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-cy', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-da', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-de', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-el', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-en', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-eo', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-es', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-et', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-eu', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-fa', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-fi', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-fr', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-fy', 
'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ga', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-gd', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-gl', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-gn', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-gu', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-he', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-hi', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-hr', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-hsb', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-hu', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-hy', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ia', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-id', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-is', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-it', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ja', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ka', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-kab', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-kk', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-km', 'pkgver': 
'97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-kn', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ko', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ku', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-lg', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-lt', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-lv', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-mai', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-mk', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ml', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-mn', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-mr', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ms', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-my', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-nb', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ne', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-nl', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-nn', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-nso', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-oc', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-or', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n 
{'osver': '18.04', 'pkgname': 'firefox-locale-pa', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-pl', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-pt', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ro', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ru', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-si', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sk', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sl', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sq', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sr', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sv', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sw', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-szl', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ta', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-te', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-th', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-tr', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-uk', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ur', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-uz', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 
'firefox-locale-vi', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-xh', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-zh-hans', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-zh-hant', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-zu', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-mozsymbols', 'pkgver': '97.0.2+build1-0ubuntu0.18.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-dev', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-geckodriver', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-af', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-an', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ar', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-as', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ast', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-az', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-be', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-bg', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-bn', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-br', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-bs', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ca', 'pkgver': 
'97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-cak', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-cs', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-csb', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-cy', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-da', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-de', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-el', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-en', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-eo', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-es', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-et', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-eu', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-fa', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-fi', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-fr', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-fy', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ga', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-gd', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-gl', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-gn', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n 
{'osver': '20.04', 'pkgname': 'firefox-locale-gu', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-he', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-hi', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-hr', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-hsb', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-hu', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-hy', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ia', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-id', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-is', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-it', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ja', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ka', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-kab', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-kk', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-km', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-kn', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ko', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ku', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-lg', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 
'firefox-locale-lt', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-lv', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-mai', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-mk', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ml', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-mn', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-mr', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ms', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-my', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-nb', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ne', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-nl', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-nn', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-nso', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-oc', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-or', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-pa', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-pl', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-pt', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ro', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ru', 'pkgver': 
'97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-si', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sk', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sl', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sq', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sr', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sv', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sw', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-szl', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ta', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-te', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-th', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-tr', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-uk', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ur', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-uz', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-vi', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-xh', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-zh-hans', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-zh-hant', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-zu', 'pkgver': 
'97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-mozsymbols', 'pkgver': '97.0.2+build1-0ubuntu0.20.04.1'},\n {'osver': '21.10', 'pkgname': 'firefox', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-dev', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-geckodriver', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-af', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-an', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-ar', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-as', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-ast', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-az', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-be', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-bg', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-bn', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-br', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-bs', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-ca', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-cak', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-cs', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-csb', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-cy', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': 
'21.10', 'pkgname': 'firefox-locale-da', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-de', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-el', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-en', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-eo', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-es', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-et', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-eu', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-fa', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-fi', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-fr', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-fy', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-ga', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-gd', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-gl', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-gn', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-gu', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-he', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-hi', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-hr', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 
'firefox-locale-hsb', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-hu', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-hy', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-ia', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-id', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-is', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-it', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-ja', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-ka', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-kab', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-kk', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-km', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-kn', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-ko', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-ku', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-lg', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-lt', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-lv', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-mai', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-mk', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-ml', 'pkgver': 
'97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-mn', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-mr', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-ms', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-my', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-nb', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-ne', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-nl', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-nn', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-nso', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-oc', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-or', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-pa', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-pl', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-pt', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-ro', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-ru', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-si', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-sk', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-sl', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-sq', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n 
{'osver': '21.10', 'pkgname': 'firefox-locale-sr', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-sv', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-sw', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-szl', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-ta', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-te', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-th', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-tr', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-uk', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-ur', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-uz', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-vi', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-xh', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-zh-hans', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-zh-hant', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-locale-zu', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'firefox-mozsymbols', 'pkgver': '97.0.2+build1-0ubuntu0.21.10.1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if 
(!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox / firefox-dev / firefox-geckodriver / firefox-locale-af / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-23T15:25:02", "description": "The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0777-1 advisory.\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. 
This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-10T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2022:0777-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-07-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:mozillafirefox", "p-cpe:/a:novell:suse_linux:mozillafirefox-devel", "p-cpe:/a:novell:suse_linux:mozillafirefox-translations-common", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2022-0777-1.NASL", "href": "https://www.tenable.com/plugins/nessus/158772", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0777-1. 
The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158772);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/14\");\n\n script_cve_id(\"CVE-2022-26485\", \"CVE-2022-26486\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0777-1\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n\n script_name(english:\"SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2022:0777-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2022:0777-1 advisory.\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had\n reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR\n < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox\n escape. We have had reports of attacks in the wild abusing this flaw. 
This vulnerability affects Firefox <\n 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196809\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26485\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26486\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-March/010408.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?095a0948\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected MozillaFirefox, MozillaFirefox-devel and / or MozillaFirefox-translations-common packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26486\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12|SLES_SAP12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12 / SLES_SAP12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES12\" && (! 
preg(pattern:\"^(2|3|4|5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4/5\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP12\" && (! preg(pattern:\"^(3|4|5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP12 SP3/4/5\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'MozillaFirefox-91.6.1-112.92.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'MozillaFirefox-devel-91.6.1-112.92.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-112.92.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'MozillaFirefox-91.6.1-112.92.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'MozillaFirefox-devel-91.6.1-112.92.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-112.92.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'MozillaFirefox-91.6.1-112.92.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'MozillaFirefox-devel-91.6.1-112.92.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-112.92.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 
'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'MozillaFirefox-devel-91.6.1-112.92.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-sdk-release-12.5', 'sles-release-12.5']},\n {'reference':'MozillaFirefox-91.6.1-112.92.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'MozillaFirefox-devel-91.6.1-112.92.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-112.92.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'MozillaFirefox-91.6.1-112.92.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'MozillaFirefox-91.6.1-112.92.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'MozillaFirefox-devel-91.6.1-112.92.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'MozillaFirefox-devel-91.6.1-112.92.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-112.92.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-112.92.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'MozillaFirefox-91.6.1-112.92.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 
'exists_check':['sles-release-12.4']},\n {'reference':'MozillaFirefox-devel-91.6.1-112.92.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-112.92.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'MozillaFirefox-91.6.1-112.92.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-112.92.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-release-12.5']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = 
'\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'MozillaFirefox / MozillaFirefox-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-23T15:19:28", "description": "The version of Thunderbird installed on the remote Windows host is prior to 91.6.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-09 advisory.\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. 
(CVE-2022-26486)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-07T00:00:00", "type": "nessus", "title": "Mozilla Thunderbird < 91.6.2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MOZILLA_THUNDERBIRD_91_6_2.NASL", "href": "https://www.tenable.com/plugins/nessus/158653", "sourceData": "#%NASL_MIN_LEVEL 70300\n## \n# (C) Tenable Network Security, Inc.\n# \n# The descriptive text and package checks in this plugin were\n# extracted from Mozilla Foundation Security Advisory mfsa2022-09.\n# The text itself is copyright (C) Mozilla Foundation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158653);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\"CVE-2022-26485\", \"CVE-2022-26486\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n\n script_name(english:\"Mozilla Thunderbird < 91.6.2\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A mail client installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Thunderbird installed on the remote Windows host is prior to 91.6.2. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the mfsa2022-09 advisory.\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had\n reports of attacks in the wild abusing this flaw. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox\n escape. We have had reports of attacks in the wild abusing this flaw. 
(CVE-2022-26486)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2022-09/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Thunderbird version 91.6.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26486\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Thunderbird/Version\");\n\n exit(0);\n}\n\ninclude('mozilla_version.inc');\n\nvar port = get_kb_item('SMB/transport');\nif (!port) port = 445;\n\nvar installs = get_kb_list('SMB/Mozilla/Thunderbird/*');\nif (isnull(installs)) audit(AUDIT_NOT_INST, 'Thunderbird');\n\nmozilla_check_version(installs:installs, product:'thunderbird', esr:FALSE, fix:'91.6.2', severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-23T15:19:25", "description": "The version of Firefox ESR installed on the remote Windows host is prior to 91.6.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-09 advisory.\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. 
(CVE-2022-26486)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-07T00:00:00", "type": "nessus", "title": "Mozilla Firefox ESR < 91.6.1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/a:mozilla:firefox_esr"], "id": "MOZILLA_FIREFOX_91_6_1_ESR.NASL", "href": "https://www.tenable.com/plugins/nessus/158657", "sourceData": "#%NASL_MIN_LEVEL 70300\n## \n# (C) Tenable Network Security, Inc.\n# \n# The descriptive text and package checks in this plugin were\n# extracted from Mozilla Foundation Security Advisory mfsa2022-09.\n# The text itself is copyright (C) Mozilla Foundation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158657);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\"CVE-2022-26485\", \"CVE-2022-26486\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n\n script_name(english:\"Mozilla Firefox ESR < 91.6.1\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox ESR installed on the remote Windows host is prior to 91.6.1. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the mfsa2022-09 advisory.\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had\n reports of attacks in the wild abusing this flaw. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox\n escape. 
We have had reports of attacks in the wild abusing this flaw. (CVE-2022-26486)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2022-09/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Firefox ESR version 91.6.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26486\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox_esr\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Firefox/Version\");\n\n exit(0);\n}\n\ninclude('mozilla_version.inc');\n\nvar port = get_kb_item('SMB/transport');\nif (!port) port = 445;\n\nvar installs = get_kb_list('SMB/Mozilla/Firefox/*');\nif (isnull(installs)) audit(AUDIT_NOT_INST, 'Firefox');\n\nmozilla_check_version(installs:installs, product:'firefox', esr:TRUE, fix:'91.6.1', min:'91.0.0', severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-23T15:23:10", "description": "The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0778-1 advisory.\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. 
This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-10T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2022:0778-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-07-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:mozillafirefox", "p-cpe:/a:novell:suse_linux:mozillafirefox-devel", "p-cpe:/a:novell:suse_linux:mozillafirefox-translations-common", "p-cpe:/a:novell:suse_linux:mozillafirefox-translations-other", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0778-1.NASL", "href": "https://www.tenable.com/plugins/nessus/158766", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0778-1. 
The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158766);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/14\");\n\n script_cve_id(\"CVE-2022-26485\", \"CVE-2022-26486\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0778-1\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n\n script_name(english:\"SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2022:0778-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2022:0778-1 advisory.\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had\n reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR\n < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox\n escape. We have had reports of attacks in the wild abusing this flaw. 
This vulnerability affects Firefox <\n 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196809\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26485\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26486\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-March/010409.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?731364b7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected MozillaFirefox, MozillaFirefox-devel, MozillaFirefox-translations-common and / or MozillaFirefox-\ntranslations-other packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26486\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! 
preg(pattern:\"^(0|1)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(0|1)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP0/1\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'MozillaFirefox-91.6.1-150.21.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'MozillaFirefox-devel-91.6.1-150.21.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-150.21.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-150.21.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'MozillaFirefox-91.6.1-150.21.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'MozillaFirefox-devel-91.6.1-150.21.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-150.21.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-150.21.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'MozillaFirefox-91.6.1-150.21.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 
'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'MozillaFirefox-91.6.1-150.21.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'MozillaFirefox-devel-91.6.1-150.21.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'MozillaFirefox-devel-91.6.1-150.21.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-150.21.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-150.21.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-150.21.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-150.21.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'MozillaFirefox-91.6.1-150.21.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-91.6.1-150.21.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-91.6.1-150.21.1', 'sp':'0', 
'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-91.6.1-150.21.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-devel-91.6.1-150.21.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-devel-91.6.1-150.21.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-devel-91.6.1-150.21.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-devel-91.6.1-150.21.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-150.21.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-150.21.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-150.21.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-150.21.1', 
'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-150.21.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-150.21.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-150.21.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-150.21.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'MozillaFirefox-91.6.1-150.21.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-91.6.1-150.21.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-devel-91.6.1-150.21.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-devel-91.6.1-150.21.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-150.21.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 
'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-150.21.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-150.21.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-150.21.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-91.6.1-150.21.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'MozillaFirefox-devel-91.6.1-150.21.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-150.21.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-150.21.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'MozillaFirefox-91.6.1-150.21.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'MozillaFirefox-devel-91.6.1-150.21.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-150.21.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-150.21.1', 'sp':'1', 'release':'SLES15', 
'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.1']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. 
Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'MozillaFirefox / MozillaFirefox-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-23T15:19:16", "description": "The version of mozilla-firefox installed on the remote host is prior to 91.6.1esr / 97.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-064-01 advisory.\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n (CVE-2022-26486)\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. 
(CVE-2022-26485)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-05T00:00:00", "type": "nessus", "title": "Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2022-064-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:mozilla-firefox", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:15.0"], "id": "SLACKWARE_SSA_2022-064-01.NASL", "href": "https://www.tenable.com/plugins/nessus/158644", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Slackware Security Advisory SSA:2022-064-01. The text\n# itself is copyright (C) Slackware Linux, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158644);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\"CVE-2022-26485\", \"CVE-2022-26486\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n\n script_name(english:\"Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2022-064-01)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Slackware Linux host is missing a security update to mozilla-firefox.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of mozilla-firefox installed on the remote host is prior to 91.6.1esr / 97.0.2. It is, therefore, affected\nby multiple vulnerabilities as referenced in the SSA:2022-064-01 advisory.\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox\n escape. 
We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox <\n 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n (CVE-2022-26486)\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had\n reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR\n < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. (CVE-2022-26485)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the affected mozilla-firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26486\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:mozilla-firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:15.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n 
script_family(english:\"Slackware Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\nvar flag = 0;\nvar constraints = [\n { 'fixed_version' : '91.6.1esr', 'product' : 'mozilla-firefox', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1_slack15.0', 'arch' : 'i686' },\n { 'fixed_version' : '91.6.1esr', 'product' : 'mozilla-firefox', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1_slack15.0', 'arch' : 'x86_64' },\n { 'fixed_version' : '97.0.2', 'product' : 'mozilla-firefox', 'os_name' : 'Slackware Linux', 'os_version' : 'current', 'service_pack' : '1', 'arch' : 'i686' },\n { 'fixed_version' : '97.0.2', 'product' : 'mozilla-firefox', 'os_name' : 'Slackware Linux', 'os_version' : 'current', 'service_pack' : '1', 'arch' : 'x86_64' }\n];\n\nforeach constraint (constraints) {\n var pkg_arch = constraint['arch'];\n var arch = NULL;\n if (pkg_arch == \"x86_64\") {\n arch = pkg_arch;\n }\n if (slackware_check(osver:constraint['os_version'],\n arch:arch,\n pkgname:constraint['product'],\n pkgver:constraint['fixed_version'],\n pkgarch:pkg_arch,\n pkgnum:constraint['service_pack'])) flag++;\n}\n\nif (flag)\n{\n 
security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : slackware_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-23T15:20:38", "description": "The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5090 advisory.\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n (CVE-2022-26486)\n\n - Removing an XSLT parameter during processing could have led to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. 
(CVE-2022-26485)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-07T00:00:00", "type": "nessus", "title": "Debian DSA-5090-1 : firefox-esr - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:firefox-esr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ach", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-af", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-all", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-an", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ar", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ast", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-az", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-be", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bg", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-br", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bs", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca-valencia", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cak", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cs", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cy", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-da", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-de", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-dsb", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-el", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-ca", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-gb", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eo", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-ar", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-cl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-es", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-mx", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-et", 
"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eu", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fa", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ff", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fi", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gd", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gu-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-he", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hi-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hsb", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hu", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hy-am", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ia", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-id", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-is", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-it", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ja", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ka", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kab", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-km", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ko", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lij", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lt", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lv", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ms", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-my", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nb-no", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ne-np", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nl", 
"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nn-no", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-oc", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pa-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-br", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-rm", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ro", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ru", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sco", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-si", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-son", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sq", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sv-se", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-szl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ta", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-te", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-th", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-trs", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ur", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uz", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-vi", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-xh", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:iceweasel", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ach", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-af", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-all", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-an", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ar", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ast", 
"p-cpe:/a:debian:debian_linux:iceweasel-l10n-az", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-be", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bg", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-br", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bs", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca-valencia", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-cak", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-cs", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-cy", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-da", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-de", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-dsb", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-el", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-ca", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-gb", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-eo", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-ar", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-cl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-es", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-mx", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-et", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-eu", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fa", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ff", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fi", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gd", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gu-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-he", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hi-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hsb", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hu", 
"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hy-am", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ia", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-id", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-is", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-it", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ja", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ka", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-kab", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-kk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-km", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-kn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ko", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-lij", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-lt", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-lv", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-mk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-mr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ms", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-my", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-nb-no", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ne-np", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-nl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-nn-no", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-oc", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pa-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-br", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-rm", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ro", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ru", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sco", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-si", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-son", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sq", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sv-se", 
"p-cpe:/a:debian:debian_linux:iceweasel-l10n-szl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ta", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-te", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-th", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-tl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-tr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-trs", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-uk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ur", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-uz", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-vi", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-xh", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-tw", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:debian:debian_linux:11.0"], "id": "DEBIAN_DSA-5090.NASL", "href": "https://www.tenable.com/plugins/nessus/158678", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-5090. 
The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158678);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\"CVE-2022-26485\", \"CVE-2022-26486\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n\n script_name(english:\"Debian DSA-5090-1 : firefox-esr - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndsa-5090 advisory.\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox\n escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox <\n 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n (CVE-2022-26486)\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had\n reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR\n < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. 
(CVE-2022-26485)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/firefox-esr\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2022/dsa-5090\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-26485\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-26486\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/firefox-esr\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/firefox-esr\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the firefox-esr packages.\n\nFor the stable distribution (bullseye), these problems have been fixed in version 91.6.1esr-1~deb11u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26486\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ach\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-an\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-az\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca-valencia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-de\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-cl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-mx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gl\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gu-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hi-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ko\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lij\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-my\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ne-np\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-oc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ru\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sco\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-son\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-szl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-trs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ur\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-vi\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-xh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ach\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-an\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-az\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca-valencia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-cak\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-cl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-mx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gu-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hi-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-kk\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-lij\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-my\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ne-np\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-oc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sco\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-son\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-szl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-tl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-trs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ur\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-xh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! 
preg(pattern:\"^(10)\\.[0-9]+|^(11)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 10.0 / 11.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '10.0', 'prefix': 'firefox-esr', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ach', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-af', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-all', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-an', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ar', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ast', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-az', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-be', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-bg', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-bn', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-br', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-bs', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ca', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ca-valencia', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-cak', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-cs', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-cy', 'reference': 
'91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-da', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-de', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-dsb', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-el', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-en-ca', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-en-gb', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-eo', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-es-ar', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-es-cl', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-es-es', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-es-mx', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-et', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-eu', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-fa', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ff', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-fi', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-fr', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-fy-nl', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ga-ie', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-gd', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-gl', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': 
'10.0', 'prefix': 'firefox-esr-l10n-gn', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-gu-in', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-he', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-hi-in', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-hr', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-hsb', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-hu', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-hy-am', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ia', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-id', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-is', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-it', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ja', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ka', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-kab', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-kk', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-km', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-kn', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ko', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-lij', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-lt', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-lv', 'reference': 
'91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-mk', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-mr', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ms', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-my', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-nb-no', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ne-np', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-nl', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-nn-no', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-oc', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-pa-in', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-pl', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-pt-br', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-pt-pt', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-rm', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ro', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ru', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-sco', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-si', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-sk', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-sl', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-son', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 
'prefix': 'firefox-esr-l10n-sq', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-sr', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-sv-se', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-szl', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ta', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-te', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-th', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-tl', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-tr', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-trs', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-uk', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ur', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-uz', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-vi', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-xh', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-zh-cn', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-zh-tw', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ach', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-af', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-all', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-an', 'reference': '91.6.1esr-1~deb10u1'},\n 
{'release': '10.0', 'prefix': 'iceweasel-l10n-ar', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ast', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-az', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-be', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-bg', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-bn', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-br', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-bs', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ca', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ca-valencia', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-cak', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-cs', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-cy', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-da', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-de', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-dsb', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-el', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-en-ca', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-en-gb', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-eo', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-es-ar', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-es-cl', 'reference': 
'91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-es-es', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-es-mx', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-et', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-eu', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-fa', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ff', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-fi', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-fr', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-fy-nl', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ga-ie', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-gd', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-gl', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-gn', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-gu-in', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-he', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-hi-in', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-hr', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-hsb', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-hu', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-hy-am', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ia', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-id', 
'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-is', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-it', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ja', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ka', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-kab', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-kk', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-km', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-kn', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ko', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-lij', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-lt', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-lv', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-mk', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-mr', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ms', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-my', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-nb-no', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ne-np', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-nl', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-nn-no', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-oc', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-pa-in', 
'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-pl', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-pt-br', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-pt-pt', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-rm', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ro', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ru', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-sco', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-si', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-sk', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-sl', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-son', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-sq', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-sr', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-sv-se', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-szl', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ta', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-te', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-th', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-tl', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-tr', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-trs', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-uk', 
'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ur', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-uz', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-vi', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-xh', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-zh-cn', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-zh-tw', 'reference': '91.6.1esr-1~deb10u1'},\n {'release': '11.0', 'prefix': 'firefox-esr', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ach', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-af', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-all', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-an', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ar', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ast', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-az', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-be', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-bg', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-bn', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-br', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-bs', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ca', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ca-valencia', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 
'firefox-esr-l10n-cak', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-cs', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-cy', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-da', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-de', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-dsb', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-el', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-en-ca', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-en-gb', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-eo', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-es-ar', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-es-cl', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-es-es', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-es-mx', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-et', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-eu', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-fa', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ff', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-fi', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-fr', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-fy-nl', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ga-ie', 'reference': 
'91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-gd', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-gl', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-gn', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-gu-in', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-he', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-hi-in', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-hr', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-hsb', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-hu', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-hy-am', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ia', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-id', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-is', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-it', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ja', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ka', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-kab', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-kk', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-km', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-kn', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ko', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 
'firefox-esr-l10n-lij', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-lt', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-lv', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-mk', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-mr', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ms', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-my', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-nb-no', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ne-np', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-nl', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-nn-no', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-oc', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-pa-in', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-pl', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-pt-br', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-pt-pt', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-rm', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ro', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ru', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-sco', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-si', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-sk', 'reference': 
'91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-sl', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-son', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-sq', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-sr', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-sv-se', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-szl', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ta', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-te', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-th', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-tl', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-tr', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-trs', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-uk', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ur', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-uz', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-vi', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-xh', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-zh-cn', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-zh-tw', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ach', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 
'iceweasel-l10n-af', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-all', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-an', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ar', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ast', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-az', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-be', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-bg', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-bn', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-br', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-bs', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ca', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ca-valencia', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-cak', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-cs', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-cy', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-da', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-de', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-dsb', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-el', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-en-ca', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-en-gb', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 
'iceweasel-l10n-eo', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-es-ar', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-es-cl', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-es-es', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-es-mx', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-et', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-eu', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-fa', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ff', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-fi', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-fr', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-fy-nl', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ga-ie', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-gd', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-gl', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-gn', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-gu-in', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-he', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-hi-in', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-hr', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-hsb', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-hu', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 
'prefix': 'iceweasel-l10n-hy-am', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ia', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-id', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-is', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-it', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ja', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ka', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-kab', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-kk', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-km', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-kn', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ko', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-lij', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-lt', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-lv', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-mk', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-mr', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ms', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-my', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-nb-no', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ne-np', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-nl', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 
'prefix': 'iceweasel-l10n-nn-no', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-oc', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-pa-in', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-pl', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-pt-br', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-pt-pt', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-rm', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ro', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ru', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-sco', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-si', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-sk', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-sl', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-son', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-sq', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-sr', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-sv-se', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-szl', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ta', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-te', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-th', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-tl', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 
'prefix': 'iceweasel-l10n-tr', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-trs', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-uk', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-ur', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-uz', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-vi', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-xh', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-zh-cn', 'reference': '91.6.1esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'iceweasel-l10n-zh-tw', 'reference': '91.6.1esr-1~deb11u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox-esr / firefox-esr-l10n-ach / firefox-esr-l10n-af / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-25T17:13:06", "description": "The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2939 advisory.\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. 
We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n (CVE-2022-26486)\n\n - Removing an XSLT parameter during processing could have led to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. (CVE-2022-26485)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-09T00:00:00", "type": "nessus", "title": "Debian DLA-2939-1 : thunderbird - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:calendar-google-provider", "p-cpe:/a:debian:debian_linux:icedove", "p-cpe:/a:debian:debian_linux:icedove-dbg", "p-cpe:/a:debian:debian_linux:icedove-dev", "p-cpe:/a:debian:debian_linux:icedove-l10n-all", "p-cpe:/a:debian:debian_linux:icedove-l10n-ar", "p-cpe:/a:debian:debian_linux:icedove-l10n-ast", "p-cpe:/a:debian:debian_linux:icedove-l10n-be", "p-cpe:/a:debian:debian_linux:icedove-l10n-bg", "p-cpe:/a:debian:debian_linux:icedove-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:icedove-l10n-br", "p-cpe:/a:debian:debian_linux:icedove-l10n-ca", "p-cpe:/a:debian:debian_linux:icedove-l10n-cs", "p-cpe:/a:debian:debian_linux:icedove-l10n-da", "p-cpe:/a:debian:debian_linux:icedove-l10n-de", "p-cpe:/a:debian:debian_linux:icedove-l10n-dsb", "p-cpe:/a:debian:debian_linux:icedove-l10n-el", "p-cpe:/a:debian:debian_linux:icedove-l10n-en-gb", "p-cpe:/a:debian:debian_linux:icedove-l10n-es-ar", "p-cpe:/a:debian:debian_linux:icedove-l10n-es-es", "p-cpe:/a:debian:debian_linux:icedove-l10n-et", 
"p-cpe:/a:debian:debian_linux:icedove-l10n-eu", "p-cpe:/a:debian:debian_linux:icedove-l10n-fi", "p-cpe:/a:debian:debian_linux:icedove-l10n-fr", "p-cpe:/a:debian:debian_linux:icedove-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:icedove-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:icedove-l10n-gd", "p-cpe:/a:debian:debian_linux:icedove-l10n-gl", "p-cpe:/a:debian:debian_linux:icedove-l10n-he", "p-cpe:/a:debian:debian_linux:icedove-l10n-hr", "p-cpe:/a:debian:debian_linux:icedove-l10n-hsb", "p-cpe:/a:debian:debian_linux:icedove-l10n-hu", "p-cpe:/a:debian:debian_linux:icedove-l10n-hy-am", "p-cpe:/a:debian:debian_linux:icedove-l10n-id", "p-cpe:/a:debian:debian_linux:icedove-l10n-is", "p-cpe:/a:debian:debian_linux:icedove-l10n-it", "p-cpe:/a:debian:debian_linux:icedove-l10n-ja", "p-cpe:/a:debian:debian_linux:icedove-l10n-kab", "p-cpe:/a:debian:debian_linux:icedove-l10n-ko", "p-cpe:/a:debian:debian_linux:icedove-l10n-lt", "p-cpe:/a:debian:debian_linux:icedove-l10n-nb-no", "p-cpe:/a:debian:debian_linux:icedove-l10n-nl", "p-cpe:/a:debian:debian_linux:icedove-l10n-nn-no", "p-cpe:/a:debian:debian_linux:icedove-l10n-pa-in", "p-cpe:/a:debian:debian_linux:icedove-l10n-pl", "p-cpe:/a:debian:debian_linux:icedove-l10n-pt-br", "p-cpe:/a:debian:debian_linux:icedove-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:icedove-l10n-rm", "p-cpe:/a:debian:debian_linux:icedove-l10n-ro", "p-cpe:/a:debian:debian_linux:icedove-l10n-ru", "p-cpe:/a:debian:debian_linux:icedove-l10n-si", "p-cpe:/a:debian:debian_linux:icedove-l10n-sk", "p-cpe:/a:debian:debian_linux:icedove-l10n-sl", "p-cpe:/a:debian:debian_linux:icedove-l10n-sq", "p-cpe:/a:debian:debian_linux:icedove-l10n-sr", "p-cpe:/a:debian:debian_linux:icedove-l10n-sv-se", "p-cpe:/a:debian:debian_linux:icedove-l10n-ta-lk", "p-cpe:/a:debian:debian_linux:icedove-l10n-tr", "p-cpe:/a:debian:debian_linux:icedove-l10n-uk", "p-cpe:/a:debian:debian_linux:icedove-l10n-vi", "p-cpe:/a:debian:debian_linux:icedove-l10n-zh-cn", 
"p-cpe:/a:debian:debian_linux:icedove-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:iceowl-extension", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ar", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ast", "p-cpe:/a:debian:debian_linux:iceowl-l10n-be", "p-cpe:/a:debian:debian_linux:iceowl-l10n-bg", "p-cpe:/a:debian:debian_linux:iceowl-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:iceowl-l10n-br", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ca", "p-cpe:/a:debian:debian_linux:iceowl-l10n-cs", "p-cpe:/a:debian:debian_linux:iceowl-l10n-cy", "p-cpe:/a:debian:debian_linux:iceowl-l10n-da", "p-cpe:/a:debian:debian_linux:iceowl-l10n-de", "p-cpe:/a:debian:debian_linux:iceowl-l10n-dsb", "p-cpe:/a:debian:debian_linux:iceowl-l10n-el", "p-cpe:/a:debian:debian_linux:iceowl-l10n-en-gb", "p-cpe:/a:debian:debian_linux:iceowl-l10n-es-ar", "p-cpe:/a:debian:debian_linux:iceowl-l10n-es-es", "p-cpe:/a:debian:debian_linux:iceowl-l10n-et", "p-cpe:/a:debian:debian_linux:iceowl-l10n-eu", "p-cpe:/a:debian:debian_linux:iceowl-l10n-fi", "p-cpe:/a:debian:debian_linux:iceowl-l10n-fr", "p-cpe:/a:debian:debian_linux:iceowl-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:iceowl-l10n-gd", "p-cpe:/a:debian:debian_linux:iceowl-l10n-gl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-he", "p-cpe:/a:debian:debian_linux:iceowl-l10n-hr", "p-cpe:/a:debian:debian_linux:iceowl-l10n-hsb", "p-cpe:/a:debian:debian_linux:iceowl-l10n-hu", "p-cpe:/a:debian:debian_linux:iceowl-l10n-hy-am", "p-cpe:/a:debian:debian_linux:iceowl-l10n-id", "p-cpe:/a:debian:debian_linux:iceowl-l10n-is", "p-cpe:/a:debian:debian_linux:iceowl-l10n-it", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ja", "p-cpe:/a:debian:debian_linux:iceowl-l10n-kab", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ko", "p-cpe:/a:debian:debian_linux:iceowl-l10n-lt", "p-cpe:/a:debian:debian_linux:iceowl-l10n-nb-no", "p-cpe:/a:debian:debian_linux:iceowl-l10n-nl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-nn-no", 
"p-cpe:/a:debian:debian_linux:iceowl-l10n-pa-in", "p-cpe:/a:debian:debian_linux:iceowl-l10n-pl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-pt-br", "p-cpe:/a:debian:debian_linux:iceowl-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:iceowl-l10n-rm", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ro", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ru", "p-cpe:/a:debian:debian_linux:iceowl-l10n-si", "p-cpe:/a:debian:debian_linux:iceowl-l10n-sk", "p-cpe:/a:debian:debian_linux:iceowl-l10n-sl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-sq", "p-cpe:/a:debian:debian_linux:iceowl-l10n-sr", "p-cpe:/a:debian:debian_linux:iceowl-l10n-sv-se", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ta-lk", "p-cpe:/a:debian:debian_linux:iceowl-l10n-tr", "p-cpe:/a:debian:debian_linux:iceowl-l10n-uk", "p-cpe:/a:debian:debian_linux:iceowl-l10n-vi", "p-cpe:/a:debian:debian_linux:iceowl-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:iceowl-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:lightning", "p-cpe:/a:debian:debian_linux:lightning-l10n-ar", "p-cpe:/a:debian:debian_linux:lightning-l10n-ast", "p-cpe:/a:debian:debian_linux:lightning-l10n-be", "p-cpe:/a:debian:debian_linux:lightning-l10n-bg", "p-cpe:/a:debian:debian_linux:lightning-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:lightning-l10n-br", "p-cpe:/a:debian:debian_linux:lightning-l10n-ca", "p-cpe:/a:debian:debian_linux:lightning-l10n-cs", "p-cpe:/a:debian:debian_linux:lightning-l10n-cy", "p-cpe:/a:debian:debian_linux:lightning-l10n-da", "p-cpe:/a:debian:debian_linux:lightning-l10n-de", "p-cpe:/a:debian:debian_linux:lightning-l10n-dsb", "p-cpe:/a:debian:debian_linux:lightning-l10n-el", "p-cpe:/a:debian:debian_linux:lightning-l10n-en-gb", "p-cpe:/a:debian:debian_linux:lightning-l10n-es-ar", "p-cpe:/a:debian:debian_linux:lightning-l10n-es-es", "p-cpe:/a:debian:debian_linux:lightning-l10n-et", "p-cpe:/a:debian:debian_linux:lightning-l10n-eu", "p-cpe:/a:debian:debian_linux:lightning-l10n-fi", "p-cpe:/a:debian:debian_linux:lightning-l10n-fr", 
"p-cpe:/a:debian:debian_linux:lightning-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:lightning-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:lightning-l10n-gd", "p-cpe:/a:debian:debian_linux:lightning-l10n-gl", "p-cpe:/a:debian:debian_linux:lightning-l10n-he", "p-cpe:/a:debian:debian_linux:lightning-l10n-hr", "p-cpe:/a:debian:debian_linux:lightning-l10n-hsb", "p-cpe:/a:debian:debian_linux:lightning-l10n-hu", "p-cpe:/a:debian:debian_linux:lightning-l10n-hy-am", "p-cpe:/a:debian:debian_linux:lightning-l10n-id", "p-cpe:/a:debian:debian_linux:lightning-l10n-is", "p-cpe:/a:debian:debian_linux:lightning-l10n-it", "p-cpe:/a:debian:debian_linux:lightning-l10n-ja", "p-cpe:/a:debian:debian_linux:lightning-l10n-kab", "p-cpe:/a:debian:debian_linux:lightning-l10n-kk", "p-cpe:/a:debian:debian_linux:lightning-l10n-ko", "p-cpe:/a:debian:debian_linux:lightning-l10n-lt", "p-cpe:/a:debian:debian_linux:lightning-l10n-ms", "p-cpe:/a:debian:debian_linux:lightning-l10n-nb-no", "p-cpe:/a:debian:debian_linux:lightning-l10n-nl", "p-cpe:/a:debian:debian_linux:lightning-l10n-nn-no", "p-cpe:/a:debian:debian_linux:lightning-l10n-pa-in", "p-cpe:/a:debian:debian_linux:lightning-l10n-pl", "p-cpe:/a:debian:debian_linux:lightning-l10n-pt-br", "p-cpe:/a:debian:debian_linux:lightning-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:lightning-l10n-rm", "p-cpe:/a:debian:debian_linux:lightning-l10n-ro", "p-cpe:/a:debian:debian_linux:lightning-l10n-ru", "p-cpe:/a:debian:debian_linux:lightning-l10n-si", "p-cpe:/a:debian:debian_linux:lightning-l10n-sk", "p-cpe:/a:debian:debian_linux:lightning-l10n-sl", "p-cpe:/a:debian:debian_linux:lightning-l10n-sq", "p-cpe:/a:debian:debian_linux:lightning-l10n-sr", "p-cpe:/a:debian:debian_linux:lightning-l10n-sv-se", "p-cpe:/a:debian:debian_linux:lightning-l10n-ta-lk", "p-cpe:/a:debian:debian_linux:lightning-l10n-tr", "p-cpe:/a:debian:debian_linux:lightning-l10n-uk", "p-cpe:/a:debian:debian_linux:lightning-l10n-vi", "p-cpe:/a:debian:debian_linux:lightning-l10n-zh-cn", 
"p-cpe:/a:debian:debian_linux:lightning-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:thunderbird", "p-cpe:/a:debian:debian_linux:thunderbird-dbg", "p-cpe:/a:debian:debian_linux:thunderbird-dev", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-af", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-all", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ar", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ast", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-be", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-bg", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-br", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ca", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-cak", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-cs", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-cy", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-da", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-de", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-dsb", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-el", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-ca", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-gb", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-ar", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-es", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-et", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-eu", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-fi", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-fr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-gd", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-gl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-he", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hsb", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hu", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hy-am", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-id", 
"p-cpe:/a:debian:debian_linux:thunderbird-l10n-is", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-it", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ja", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ka", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-kab", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-kk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ko", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-lt", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-lv", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ms", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-nb-no", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-nl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-nn-no", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pa-in", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-br", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-rm", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ro", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ru", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-si", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sq", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sv-se", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ta-lk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-th", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-tr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-uk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-uz", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-vi", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-tw", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2939.NASL", "href": "https://www.tenable.com/plugins/nessus/158747", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, 
Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2939. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158747);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\"CVE-2022-26485\", \"CVE-2022-26486\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n\n script_name(english:\"Debian DLA-2939-1 : thunderbird - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-2939 advisory.\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox\n escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox <\n 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n (CVE-2022-26486)\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had\n reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR\n < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. 
(CVE-2022-26485)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/thunderbird\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2022/dla-2939\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-26485\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-26486\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/thunderbird\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the thunderbird packages.\n\nFor Debian 9 stretch, these problems have been fixed in version 1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26486\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:calendar-google-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:icedove-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ta-lk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-zh-tw\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-extension\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-fi\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-nn-no\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ta-lk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-nb-no\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ta-lk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-cak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-de\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ta-lk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'calendar-google-provider', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-dbg', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-dev', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-all', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-ar', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-ast', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-be', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-bg', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-bn-bd', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-br', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-ca', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-cs', 'reference': 
'1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-da', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-de', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-dsb', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-el', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-en-gb', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-es-ar', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-es-es', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-et', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-eu', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-fi', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-fr', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-fy-nl', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-ga-ie', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-gd', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-gl', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-he', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-hr', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-hsb', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-hu', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-hy-am', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-id', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-is', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-it', 'reference': '1:91.6.2-1~deb9u1'},\n 
{'release': '9.0', 'prefix': 'icedove-l10n-ja', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-kab', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-ko', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-lt', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-nb-no', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-nl', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-nn-no', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-pa-in', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-pl', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-pt-br', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-pt-pt', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-rm', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-ro', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-ru', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-si', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-sk', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-sl', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-sq', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-sr', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-sv-se', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-ta-lk', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-tr', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-uk', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 
'prefix': 'icedove-l10n-vi', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-zh-cn', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'icedove-l10n-zh-tw', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-extension', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-ar', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-ast', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-be', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-bg', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-bn-bd', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-br', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-ca', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-cs', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-cy', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-da', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-de', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-dsb', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-el', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-en-gb', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-es-ar', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-es-es', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-et', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-eu', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-fi', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-fr', 'reference': 
'1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-fy-nl', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-ga-ie', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-gd', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-gl', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-he', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-hr', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-hsb', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-hu', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-hy-am', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-id', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-is', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-it', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-ja', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-kab', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-ko', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-lt', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-nb-no', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-nl', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-nn-no', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-pa-in', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-pl', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-pt-br', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-pt-pt', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': 
'9.0', 'prefix': 'iceowl-l10n-rm', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-ro', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-ru', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-si', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-sk', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-sl', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-sq', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-sr', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-sv-se', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-ta-lk', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-tr', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-uk', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-vi', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-zh-cn', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'iceowl-l10n-zh-tw', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-ar', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-ast', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-be', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-bg', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-bn-bd', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-br', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-ca', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 
'lightning-l10n-cs', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-cy', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-da', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-de', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-dsb', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-el', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-en-gb', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-es-ar', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-es-es', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-et', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-eu', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-fi', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-fr', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-fy-nl', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-ga-ie', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-gd', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-gl', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-he', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-hr', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-hsb', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-hu', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-hy-am', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-id', 'reference': '1:91.6.2-1~deb9u1'},\n 
{'release': '9.0', 'prefix': 'lightning-l10n-is', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-it', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-ja', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-kab', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-kk', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-ko', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-lt', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-ms', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-nb-no', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-nl', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-nn-no', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-pa-in', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-pl', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-pt-br', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-pt-pt', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-rm', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-ro', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-ru', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-si', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-sk', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-sl', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-sq', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-sr', 'reference': 
'1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-sv-se', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-ta-lk', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-tr', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-uk', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-vi', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-zh-cn', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'lightning-l10n-zh-tw', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-dbg', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-dev', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-af', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-all', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-ar', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-ast', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-be', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-bg', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-bn-bd', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-br', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-ca', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-cak', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-cs', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-cy', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 
'thunderbird-l10n-da', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-de', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-dsb', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-el', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-en-ca', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-en-gb', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-es-ar', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-es-es', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-et', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-eu', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-fi', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-fr', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-fy-nl', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-ga-ie', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-gd', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-gl', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-he', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-hr', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-hsb', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-hu', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-hy-am', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-id', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 
'thunderbird-l10n-is', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-it', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-ja', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-ka', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-kab', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-kk', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-ko', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-lt', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-lv', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-ms', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-nb-no', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-nl', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-nn-no', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-pa-in', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-pl', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-pt-br', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-pt-pt', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-rm', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-ro', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-ru', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-si', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-sk', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-sl', 
'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-sq', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-sr', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-sv-se', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-ta-lk', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-th', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-tr', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-uk', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-uz', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-vi', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-zh-cn', 'reference': '1:91.6.2-1~deb9u1'},\n {'release': '9.0', 'prefix': 'thunderbird-l10n-zh-tw', 'reference': '1:91.6.2-1~deb9u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'calendar-google-provider / icedove / icedove-dbg / icedove-dev / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-23T15:19:20", "description": "The version of Firefox ESR 
installed on the remote macOS or Mac OS X host is prior to 91.6.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-09 advisory.\n\n - Removing an XSLT parameter during processing could have led to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. (CVE-2022-26486)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-07T00:00:00", "type": "nessus", "title": "Mozilla Firefox ESR < 91.6.1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/a:mozilla:firefox_esr"], "id": "MACOS_FIREFOX_91_6_1_ESR.NASL", "href": "https://www.tenable.com/plugins/nessus/158652", "sourceData": "#%NASL_MIN_LEVEL 70300\n## \n# (C) Tenable Network Security, Inc.\n# \n# The descriptive text and package checks in this plugin were\n# extracted from Mozilla Foundation Security Advisory mfsa2022-09.\n# The text itself is copyright (C) Mozilla Foundation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158652);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\"CVE-2022-26485\", \"CVE-2022-26486\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n\n script_name(english:\"Mozilla Firefox ESR < 91.6.1\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS or Mac OS X host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", 
value:\n\"The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 91.6.1. It is, therefore, affected\nby multiple vulnerabilities as referenced in the mfsa2022-09 advisory.\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had\n reports of attacks in the wild abusing this flaw. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox\n escape. We have had reports of attacks in the wild abusing this flaw. (CVE-2022-26486)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2022-09/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Firefox ESR version 91.6.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26486\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox_esr\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n 
script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_firefox_installed.nasl\");\n script_require_keys(\"MacOSX/Firefox/Version\");\n\n exit(0);\n}\n\ninclude('mozilla_version.inc');\n\nvar kb_base = 'MacOSX/Firefox';\nget_kb_item_or_exit(kb_base+'/Installed');\n\nvar version = get_kb_item_or_exit(kb_base+'/Version', exit_code:1);\nvar path = get_kb_item_or_exit(kb_base+'/Path', exit_code:1);\n\nvar is_esr = get_kb_item(kb_base+'/is_esr');\nif (isnull(is_esr)) audit(AUDIT_NOT_INST, 'Mozilla Firefox ESR');\n\nmozilla_check_version(version:version, path:path, product:'firefox', esr:TRUE, fix:'91.6.1', min:'91.0.0', severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-23T15:19:28", "description": "The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5094 advisory.\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n (CVE-2022-26486)\n\n - Removing an XSLT parameter during processing could have led to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. 
(CVE-2022-26485)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-09T00:00:00", "type": "nessus", "title": "Debian DSA-5094-1 : thunderbird - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:thunderbird-l10n-rm", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ro", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ru", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-si", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sq", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sv-se", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-th", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-tr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-uk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-uz", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-vi", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:calendar-google-provider", "p-cpe:/a:debian:debian_linux:lightning", "p-cpe:/a:debian:debian_linux:thunderbird", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-af", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-all", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ar", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ast", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-be", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-bg", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-br", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ca", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-tw", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:debian:debian_linux:11.0", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-cak", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-cs", 
"p-cpe:/a:debian:debian_linux:thunderbird-l10n-cy", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-da", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-de", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-dsb", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-el", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-ca", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-gb", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-ar", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-es", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-et", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-eu", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-fi", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-fr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-gd", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-gl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-he", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hsb", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hu", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hy-am", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-id", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-is", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-it", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ja", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ka", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-kab", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-kk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ko", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-lt", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-lv", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ms", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-nb-no", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-nl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-nn-no", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pa-in", 
"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-br", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-pt"], "id": "DEBIAN_DSA-5094.NASL", "href": "https://www.tenable.com/plugins/nessus/158746", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-5094. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158746);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\"CVE-2022-26485\", \"CVE-2022-26486\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n\n script_name(english:\"Debian DSA-5094-1 : thunderbird - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndsa-5094 advisory.\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox\n escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox <\n 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n (CVE-2022-26486)\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had\n reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR\n < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. 
(CVE-2022-26485)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/thunderbird\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2022/dsa-5094\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-26485\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-26486\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/thunderbird\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/thunderbird\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the thunderbird packages.\n\nFor the stable distribution (bullseye), these problems have been fixed in version 1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26486\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:calendar-google-provider\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-cak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(10)\\.[0-9]+|^(11)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 10.0 / 11.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '10.0', 'prefix': 'calendar-google-provider', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'lightning', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-af', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-all', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ar', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ast', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-be', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-bg', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-br', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ca', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-cak', 'reference': 
'1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-cs', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-cy', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-da', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-de', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-dsb', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-el', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-en-ca', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-en-gb', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-es-ar', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-es-es', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-et', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-eu', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-fi', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-fr', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-fy-nl', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ga-ie', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-gd', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-gl', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-he', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-hr', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-hsb', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 
'thunderbird-l10n-hu', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-hy-am', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-id', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-is', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-it', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ja', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ka', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-kab', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-kk', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ko', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-lt', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-lv', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ms', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-nb-no', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-nl', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-nn-no', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-pa-in', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-pl', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-pt-br', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-pt-pt', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-rm', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ro', 'reference': '1:91.6.2-1~deb10u1'},\n 
{'release': '10.0', 'prefix': 'thunderbird-l10n-ru', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-si', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-sk', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-sl', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-sq', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-sr', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-sv-se', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-th', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-tr', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-uk', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-uz', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-vi', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-zh-cn', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-zh-tw', 'reference': '1:91.6.2-1~deb10u1'},\n {'release': '11.0', 'prefix': 'calendar-google-provider', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'lightning', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-af', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-all', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-ar', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-ast', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-be', 'reference': '1:91.6.2-1~deb11u1'},\n 
{'release': '11.0', 'prefix': 'thunderbird-l10n-bg', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-br', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-ca', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-cak', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-cs', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-cy', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-da', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-de', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-dsb', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-el', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-en-ca', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-en-gb', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-es-ar', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-es-es', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-et', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-eu', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-fi', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-fr', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-fy-nl', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-ga-ie', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-gd', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-gl', 'reference': 
'1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-he', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-hr', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-hsb', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-hu', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-hy-am', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-id', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-is', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-it', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-ja', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-ka', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-kab', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-kk', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-ko', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-lt', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-lv', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-ms', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-nb-no', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-nl', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-nn-no', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-pa-in', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-pl', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 
'thunderbird-l10n-pt-br', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-pt-pt', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-rm', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-ro', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-ru', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-si', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-sk', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-sl', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-sq', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-sr', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-sv-se', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-th', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-tr', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-uk', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-uz', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-vi', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-zh-cn', 'reference': '1:91.6.2-1~deb11u1'},\n {'release': '11.0', 'prefix': 'thunderbird-l10n-zh-tw', 'reference': '1:91.6.2-1~deb11u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n 
if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'calendar-google-provider / lightning / thunderbird / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-23T15:19:38", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0783-1 advisory.\n\n - Removing an XSLT parameter during processing could have led to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. 
(CVE-2022-26486)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-10T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : MozillaFirefox (openSUSE-SU-2022:0783-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:mozillafirefox", "p-cpe:/a:novell:opensuse:mozillafirefox-branding-upstream", "p-cpe:/a:novell:opensuse:mozillafirefox-devel", "p-cpe:/a:novell:opensuse:mozillafirefox-translations-common", "p-cpe:/a:novell:opensuse:mozillafirefox-translations-other", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2022-0783-1.NASL", "href": "https://www.tenable.com/plugins/nessus/158775", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2022:0783-1. 
The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158775);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\"CVE-2022-26485\", \"CVE-2022-26486\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n\n script_name(english:\"openSUSE 15 Security Update : MozillaFirefox (openSUSE-SU-2022:0783-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2022:0783-1 advisory.\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had\n reports of attacks in the wild abusing this flaw. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox\n escape. We have had reports of attacks in the wild abusing this flaw. 
(CVE-2022-26486)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196809\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IZLR36GLK5UWW34Z6YUDXKWIHXMQEYSY/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7d4e5e65\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26485\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26486\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26486\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'MozillaFirefox-91.6.1-152.19.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'MozillaFirefox-branding-upstream-91.6.1-152.19.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n 
{'reference':'MozillaFirefox-translations-common-91.6.1-152.19.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'MozillaFirefox-translations-other-91.6.1-152.19.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'MozillaFirefox / MozillaFirefox-branding-upstream / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-23T15:20:38", "description": "The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0783-1 advisory.\n\n - Removing an XSLT parameter during processing could have led to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. 
We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-10T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2022:0783-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-07-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:mozillafirefox", "p-cpe:/a:novell:suse_linux:mozillafirefox-devel", "p-cpe:/a:novell:suse_linux:mozillafirefox-translations-common", "p-cpe:/a:novell:suse_linux:mozillafirefox-translations-other", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0783-1.NASL", "href": "https://www.tenable.com/plugins/nessus/158768", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0783-1. 
The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158768);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/14\");\n\n script_cve_id(\"CVE-2022-26485\", \"CVE-2022-26486\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0783-1\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2022:0783-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by\nmultiple vulnerabilities as referenced in the SUSE-SU-2022:0783-1 advisory.\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had\n reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR\n < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox\n escape. We have had reports of attacks in the wild abusing this flaw. 
This vulnerability affects Firefox <\n 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196809\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26485\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26486\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-March/010407.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?383098ad\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected MozillaFirefox, MozillaFirefox-devel, MozillaFirefox-translations-common and / or MozillaFirefox-\ntranslations-other packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26486\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(SLED15|SLED_SAP15|SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP3/4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLED_SAP15\" && (! preg(pattern:\"^(3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED_SAP15 SP3/4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2|3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP2/3/4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! 
preg(pattern:\"^(2|3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP2/3/4\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'MozillaFirefox-91.6.1-152.19.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-152.19.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-152.19.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'MozillaFirefox-91.6.1-152.19.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'MozillaFirefox-91.6.1-152.19.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 
'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-152.19.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-152.19.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-152.19.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-152.19.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'MozillaFirefox-91.6.1-152.19.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'MozillaFirefox-91.6.1-152.19.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-152.19.1', 'sp':'4', 
'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-152.19.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-152.19.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-152.19.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'MozillaFirefox-91.6.1-152.19.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'MozillaFirefox-91.6.1-152.19.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'SLE_RT-release-15.2', 'sles-release-15.2']},\n {'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'SLE_RT-release-15.2', 'sles-release-15.2']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-152.19.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-152.19.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'SLE_RT-release-15.2', 'sles-release-15.2']},\n 
{'reference':'MozillaFirefox-translations-other-91.6.1-152.19.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-152.19.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'SLE_RT-release-15.2', 'sles-release-15.2']},\n {'reference':'MozillaFirefox-91.6.1-152.19.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'MozillaFirefox-91.6.1-152.19.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-152.19.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-152.19.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-152.19.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-152.19.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 
'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'MozillaFirefox-91.6.1-152.19.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-desktop-applications-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'MozillaFirefox-91.6.1-152.19.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-desktop-applications-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-desktop-applications-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-desktop-applications-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-desktop-applications-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 
'sle-module-desktop-applications-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-152.19.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-desktop-applications-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-152.19.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-desktop-applications-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-152.19.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-desktop-applications-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-152.19.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-desktop-applications-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'MozillaFirefox-91.6.1-152.19.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaFirefox-91.6.1-152.19.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n 
{'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-152.19.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-152.19.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-152.19.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-152.19.1', 
'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaFirefox-91.6.1-152.19.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'MozillaFirefox-devel-91.6.1-152.19.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'MozillaFirefox-translations-common-91.6.1-152.19.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'MozillaFirefox-translations-other-91.6.1-152.19.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.2']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, 
sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'MozillaFirefox / MozillaFirefox-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-23T15:21:10", "description": "The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0804-1 advisory.\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. 
This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-22T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : MozillaThunderbird (SUSE-SU-2022:0804-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-07-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:mozillathunderbird", "p-cpe:/a:novell:suse_linux:mozillathunderbird-translations-common", "p-cpe:/a:novell:suse_linux:mozillathunderbird-translations-other", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0804-1.NASL", "href": "https://www.tenable.com/plugins/nessus/159152", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0804-1. 
The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159152);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/14\");\n\n script_cve_id(\"CVE-2022-26485\", \"CVE-2022-26486\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0804-1\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : MozillaThunderbird (SUSE-SU-2022:0804-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by\nmultiple vulnerabilities as referenced in the SUSE-SU-2022:0804-1 advisory.\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had\n reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR\n < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox\n escape. We have had reports of attacks in the wild abusing this flaw. 
This vulnerability affects Firefox <\n 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196809\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26485\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26486\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-March/010413.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1e28326c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected MozillaThunderbird, MozillaThunderbird-translations-common and / or MozillaThunderbird-translations-\nother packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26486\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:MozillaThunderbird-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaThunderbird-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLED_SAP15|SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! 
preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLED_SAP15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED_SAP15 SP3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP3\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'MozillaThunderbird-91.6.2-8.59.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'MozillaThunderbird-91.6.2-8.59.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'MozillaThunderbird-91.6.2-8.59.1', 'sp':'3', 'cpu':'s390x', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'MozillaThunderbird-91.6.2-8.59.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'MozillaThunderbird-translations-common-91.6.2-8.59.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'MozillaThunderbird-translations-common-91.6.2-8.59.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'MozillaThunderbird-translations-common-91.6.2-8.59.1', 'sp':'3', 'cpu':'s390x', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n 
{'reference':'MozillaThunderbird-translations-common-91.6.2-8.59.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'MozillaThunderbird-translations-other-91.6.2-8.59.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'MozillaThunderbird-translations-other-91.6.2-8.59.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'MozillaThunderbird-translations-other-91.6.2-8.59.1', 'sp':'3', 'cpu':'s390x', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'MozillaThunderbird-translations-other-91.6.2-8.59.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'MozillaThunderbird-91.6.2-8.59.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-packagehub-subpackages-release-15.3', 'sles-release-15.3']},\n {'reference':'MozillaThunderbird-91.6.2-8.59.1', 'sp':'3', 'cpu':'s390x', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-packagehub-subpackages-release-15.3', 'sles-release-15.3']},\n {'reference':'MozillaThunderbird-translations-common-91.6.2-8.59.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-packagehub-subpackages-release-15.3', 
'sles-release-15.3']},\n {'reference':'MozillaThunderbird-translations-common-91.6.2-8.59.1', 'sp':'3', 'cpu':'s390x', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-packagehub-subpackages-release-15.3', 'sles-release-15.3']},\n {'reference':'MozillaThunderbird-translations-other-91.6.2-8.59.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-packagehub-subpackages-release-15.3', 'sles-release-15.3']},\n {'reference':'MozillaThunderbird-translations-other-91.6.2-8.59.1', 'sp':'3', 'cpu':'s390x', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-packagehub-subpackages-release-15.3', 'sles-release-15.3']},\n {'reference':'MozillaThunderbird-91.6.2-8.59.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'MozillaThunderbird-91.6.2-8.59.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'MozillaThunderbird-translations-common-91.6.2-8.59.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'MozillaThunderbird-translations-common-91.6.2-8.59.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n 
{'reference':'MozillaThunderbird-translations-other-91.6.2-8.59.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'MozillaThunderbird-translations-other-91.6.2-8.59.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.3', 'sled-release-15.3', 'sles-release-15.3']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'MozillaThunderbird / MozillaThunderbird-translations-common / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": 
"2023-08-08T16:24:06", "description": "The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:14906-1 advisory.\n\n - An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7. (CVE-2022-26381)\n\n - When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.\n (CVE-2022-26383)\n\n - If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7. (CVE-2022-26384)\n\n - Previously Firefox for macOS and Linux would download temporary files to a user-specific directory in <code>/tmp</code>, but this behavior was changed to download them to <code>/tmp</code> where they could be affected by other local users. This behavior was reverted to the original, user-specific directory.\n *This bug only affects Firefox for macOS and Linux. Other operating systems are unaffected.* This vulnerability affects Firefox ESR < 91.7 and Thunderbird < 91.7. (CVE-2022-26386)\n\n - When installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Firefox would not have noticed. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.\n (CVE-2022-26387)\n\n - Removing an XSLT parameter during processing could have led to an exploitable use-after-free. 
We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-17T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2022:14906-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26381", "CVE-2022-26383", "CVE-2022-26384", "CVE-2022-26386", "CVE-2022-26387", "CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-07-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:mozillafirefox", "p-cpe:/a:novell:suse_linux:mozillafirefox-translations-common", "p-cpe:/a:novell:suse_linux:mozillafirefox-translations-other", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2022-14906-1.NASL", "href": "https://www.tenable.com/plugins/nessus/159017", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:14906-1. 
The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159017);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/14\");\n\n script_cve_id(\n \"CVE-2022-26381\",\n \"CVE-2022-26383\",\n \"CVE-2022-26384\",\n \"CVE-2022-26386\",\n \"CVE-2022-26387\",\n \"CVE-2022-26485\",\n \"CVE-2022-26486\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:14906-1\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n\n script_name(english:\"SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2022:14906-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:14906-1 advisory.\n\n - An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a\n potentially exploitable crash. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and\n Thunderbird < 91.7. (CVE-2022-26381)\n\n - When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen\n notification. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.\n (CVE-2022-26383)\n\n - If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not\n <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript\n execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and\n Thunderbird < 91.7. 
(CVE-2022-26384)\n\n - Previously Firefox for macOS and Linux would download temporary files to a user-specific directory in\n <code>/tmp</code>, but this behavior was changed to download them to <code>/tmp</code> where they could be\n affected by other local users. This behavior was reverted to the original, user-specific directory.\n <br>*This bug only affects Firefox for macOS and Linux. Other operating systems are unaffected.*. This\n vulnerability affects Firefox ESR < 91.7 and Thunderbird < 91.7. (CVE-2022-26386)\n\n - When installing an add-on, Firefox verified the signature before prompting the user; but while the user\n was confirming the prompt, the underlying add-on file could have been modified and Firefox would not have\n noticed. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.\n (CVE-2022-26387)\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had\n reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR\n < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox\n escape. We have had reports of attacks in the wild abusing this flaw. 
This vulnerability affects Firefox <\n 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.\n (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196809\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196900\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26381\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26384\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26387\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26485\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26486\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-March/010417.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?83e8d9ec\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected MozillaFirefox, MozillaFirefox-translations-common and / or MozillaFirefox-translations-other\npackages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26486\");\n\n 
script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES11', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'MozillaFirefox-91.7.0-78.167.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-release-11.4']},\n {'reference':'MozillaFirefox-translations-common-91.7.0-78.167.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-release-11.4']},\n {'reference':'MozillaFirefox-translations-other-91.7.0-78.167.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-release-11.4']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) 
rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'MozillaFirefox / MozillaFirefox-translations-common / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-08T16:18:24", "description": "The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0824 advisory.\n\n - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235)\n\n - xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. (CVE-2022-25236)\n\n - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. 
(CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-12T00:00:00", "type": "nessus", "title": "RHEL 7 : firefox (RHSA-2022:0824)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25315", "CVE-2022-26381", "CVE-2022-26383", "CVE-2022-26384", "CVE-2022-26386", "CVE-2022-26387", "CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:firefox"], "id": "REDHAT-RHSA-2022-0824.NASL", "href": "https://www.tenable.com/plugins/nessus/158873", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0824. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158873);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2022-25235\",\n \"CVE-2022-25236\",\n \"CVE-2022-25315\",\n \"CVE-2022-26381\",\n \"CVE-2022-26383\",\n \"CVE-2022-26384\",\n \"CVE-2022-26386\",\n \"CVE-2022-26387\",\n \"CVE-2022-26485\",\n \"CVE-2022-26486\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"RHSA\", value:\"2022:0824\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n\n script_name(english:\"RHEL 7 : firefox (RHSA-2022:0824)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0824 advisory.\n\n - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks\n for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235)\n\n - xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters\n into namespace URIs. (CVE-2022-25236)\n\n - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. 
(CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25235\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25315\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26381\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26384\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26387\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26485\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26486\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0824\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://bugzilla.redhat.com/2061735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2061736\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062220\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062221\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062222\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062223\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062224\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-25315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(179, 190, 281, 367, 416, 449, 787, 838);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n 
script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/debug',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/os',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/debug',\n 
'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 
'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/os',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/debug',\n 
'content/dist/rhel/power/7/7Server/ppc64/sap/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/os',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 
'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 
'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/os',\n 'content/fastrack/rhel/power/7/ppc64/optional/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/os',\n 'content/fastrack/rhel/power/7/ppc64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/os',\n 
'content/fastrack/rhel/system-z/7/s390x/optional/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/os',\n 'content/fastrack/rhel/system-z/7/s390x/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-91.7.0-3.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n 
rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-09T15:05:47", "description": "The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-0818 advisory.\n\n - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235)\n\n - Previously Thunderbird for macOS and Linux would download temporary files to a user-specific directory in <code>/tmp</code>, but this behavior was changed to download them to <code>/tmp</code> where they could be affected by other local users. This behavior was reverted to the original, user-specific directory. This bug only affects Thunderbird for macOS and Linux. Other operating systems are unaffected.\n (CVE-2022-26386)\n\n - xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. (CVE-2022-25236)\n\n - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. 
(CVE-2022-25315)\n\n - An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash. (CVE-2022-26381)\n\n - When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification. (CVE-2022-26383)\n\n - If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. (CVE-2022-26384)\n\n - When installing an add-on, Thunderbird verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Thunderbird would not have noticed. (CVE-2022-26387)\n\n - Removing an XSLT parameter during processing could have led to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. 
(CVE-2022-26486)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-11T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : firefox (ELSA-2022-0818)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25315", "CVE-2022-26381", "CVE-2022-26383", "CVE-2022-26384", "CVE-2022-26386", "CVE-2022-26387", "CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:firefox"], "id": "ORACLELINUX_ELSA-2022-0818.NASL", "href": "https://www.tenable.com/plugins/nessus/158797", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-0818.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158797);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2022-25235\",\n \"CVE-2022-25236\",\n \"CVE-2022-25315\",\n \"CVE-2022-26381\",\n \"CVE-2022-26383\",\n \"CVE-2022-26384\",\n \"CVE-2022-26386\",\n \"CVE-2022-26387\",\n \"CVE-2022-26485\",\n \"CVE-2022-26486\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n\n script_name(english:\"Oracle Linux 8 : firefox (ELSA-2022-0818)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2022-0818 advisory.\n\n - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain 
validation of encoding, such as checks\n for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235)\n\n - Previously Thunderbird for macOS and Linux would download temporary files to a user-specific directory in\n <code>/tmp</code>, but this behavior was changed to download them to <code>/tmp</code> where they could be\n affected by other local users. This behavior was reverted to the original, user-specific directory. This\n bug only affects Thunderbird for macOS and Linux. Other operating systems are unaffected.\n (CVE-2022-26386)\n\n - xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters\n into namespace URIs. (CVE-2022-25236)\n\n - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. (CVE-2022-25315)\n\n - An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a\n potentially exploitable crash. (CVE-2022-26381)\n\n - When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen\n notification. (CVE-2022-26383)\n\n - If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not\n <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript\n execution in violation of the sandbox. (CVE-2022-26384)\n\n - When installing an add-on, Thunderbird verified the signature before prompting the user; but while the\n user was confirming the prompt, the underlying add-on file could have been modified and Thunderbird would\n not have noticed. (CVE-2022-26387)\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had\n reports of attacks in the wild abusing this flaw. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox\n escape. 
We have had reports of attacks in the wild abusing this flaw. (CVE-2022-26486)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-0818.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-25315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:firefox\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'firefox-91.7.0-3.0.1.el8_5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-91.7.0-3.0.1.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + 
package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-09T15:05:23", "description": "The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-0824 advisory.\n\n - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. 
(CVE-2022-25235)\n\n - Previously Thunderbird for macOS and Linux would download temporary files to a user-specific directory in <code>/tmp</code>, but this behavior was changed to download them to <code>/tmp</code> where they could be affected by other local users. This behavior was reverted to the original, user-specific directory. This bug only affects Thunderbird for macOS and Linux. Other operating systems are unaffected.\n (CVE-2022-26386)\n\n - xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. (CVE-2022-25236)\n\n - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. (CVE-2022-25315)\n\n - An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash. (CVE-2022-26381)\n\n - When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification. (CVE-2022-26383)\n\n - If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. (CVE-2022-26384)\n\n - When installing an add-on, Thunderbird verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Thunderbird would not have noticed. (CVE-2022-26387)\n\n - Removing an XSLT parameter during processing could have led to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. 
(CVE-2022-26486)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-11T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : firefox (ELSA-2022-0824)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25315", "CVE-2022-26381", "CVE-2022-26383", "CVE-2022-26384", "CVE-2022-26386", "CVE-2022-26387", "CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:firefox"], "id": "ORACLELINUX_ELSA-2022-0824.NASL", "href": "https://www.tenable.com/plugins/nessus/158796", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-0824.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158796);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2022-25235\",\n \"CVE-2022-25236\",\n \"CVE-2022-25315\",\n \"CVE-2022-26381\",\n \"CVE-2022-26383\",\n \"CVE-2022-26384\",\n \"CVE-2022-26386\",\n \"CVE-2022-26387\",\n \"CVE-2022-26485\",\n \"CVE-2022-26486\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n\n script_name(english:\"Oracle Linux 7 : firefox (ELSA-2022-0824)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2022-0824 advisory.\n\n - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain 
validation of encoding, such as checks\n for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235)\n\n - Previously Thunderbird for macOS and Linux would download temporary files to a user-specific directory in\n <code>/tmp</code>, but this behavior was changed to download them to <code>/tmp</code> where they could be\n affected by other local users. This behavior was reverted to the original, user-specific directory. This\n bug only affects Thunderbird for macOS and Linux. Other operating systems are unaffected.\n (CVE-2022-26386)\n\n - xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters\n into namespace URIs. (CVE-2022-25236)\n\n - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. (CVE-2022-25315)\n\n - An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a\n potentially exploitable crash. (CVE-2022-26381)\n\n - When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen\n notification. (CVE-2022-26383)\n\n - If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not\n <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript\n execution in violation of the sandbox. (CVE-2022-26384)\n\n - When installing an add-on, Thunderbird verified the signature before prompting the user; but while the\n user was confirming the prompt, the underlying add-on file could have been modified and Thunderbird would\n not have noticed. (CVE-2022-26387)\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had\n reports of attacks in the wild abusing this flaw. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox\n escape. 
We have had reports of attacks in the wild abusing this flaw. (CVE-2022-26486)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-0824.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-25315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:firefox\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'firefox-91.7.0-3.0.1.el7_9', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-91.7.0-3.0.1.el7_9', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-91.7.0-3.0.1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = 
package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-08T16:20:25", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0815 advisory.\n\n - expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235)\n\n - expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code execution (CVE-2022-25236)\n\n - expat: Integer overflow in 
storeRawNames() (CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-11T00:00:00", "type": "nessus", "title": "RHEL 8 : firefox (RHSA-2022:0815)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25315", "CVE-2022-26381", "CVE-2022-26383", "CVE-2022-26384", "CVE-2022-26386", "CVE-2022-26387", "CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_e4s:8.1", "p-cpe:/a:redhat:enterprise_linux:firefox"], "id": "REDHAT-RHSA-2022-0815.NASL", "href": "https://www.tenable.com/plugins/nessus/158811", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0815. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158811);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2022-25235\",\n \"CVE-2022-25236\",\n \"CVE-2022-25315\",\n \"CVE-2022-26381\",\n \"CVE-2022-26383\",\n \"CVE-2022-26384\",\n \"CVE-2022-26386\",\n \"CVE-2022-26387\",\n \"CVE-2022-26485\",\n \"CVE-2022-26486\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0815\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n\n script_name(english:\"RHEL 8 : firefox (RHSA-2022:0815)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0815 advisory.\n\n - expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235)\n\n - expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code\n execution (CVE-2022-25236)\n\n - expat: Integer overflow in storeRawNames() (CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested 
for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25235\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25315\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26381\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26384\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26387\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26485\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26486\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0815\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2056363\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2056366\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2056370\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2061735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2061736\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062220\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://bugzilla.redhat.com/2062221\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062222\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062223\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062224\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-25315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 179, 190, 281, 367, 416, 449, 451, 787, 838);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.1')) audit(AUDIT_OS_NOT, 'Red Hat 8.1', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel8/8.1/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap/os',\n 
'content/e4s/rhel8/8.1/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.1/x86_64/appstream/os',\n 'content/e4s/rhel8/8.1/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.1/x86_64/baseos/os',\n 'content/e4s/rhel8/8.1/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap/os',\n 'content/e4s/rhel8/8.1/x86_64/sap/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-91.7.0-3.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-91.7.0-3.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if 
(!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Update Services for SAP Solutions repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-08T16:23:12", "description": "The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:0824-1 advisory.\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\n - 
expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235)\n\n - expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code execution (CVE-2022-25236)\n\n - expat: Integer overflow in storeRawNames() (CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-12T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : firefox on SL7.x i686/x86_64 (2022:0824)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25315", "CVE-2022-26381", "CVE-2022-26383", "CVE-2022-26384", "CVE-2022-26386", "CVE-2022-26387", "CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:firefox", "p-cpe:/a:fermilab:scientific_linux:firefox-debuginfo"], "id": "SL_20220311_FIREFOX_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/158875", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158875);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2022-25235\",\n \"CVE-2022-25236\",\n \"CVE-2022-25315\",\n \"CVE-2022-26381\",\n \"CVE-2022-26383\",\n 
\"CVE-2022-26384\",\n \"CVE-2022-26386\",\n \"CVE-2022-26387\",\n \"CVE-2022-26485\",\n \"CVE-2022-26486\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"RHSA\", value:\"RHSA-2022:0824\");\n\n script_name(english:\"Scientific Linux Security Update : firefox on SL7.x i686/x86_64 (2022:0824)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Scientific Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SLSA-2022:0824-1 advisory.\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\n - expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235)\n\n - expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code\n execution (CVE-2022-25236)\n\n - expat: Integer overflow in storeRawNames() (CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.scientificlinux.org/category/sl-errata/slsa-20220824-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox and / or firefox-debuginfo packages.\");\n 
script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-25315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fermilab:scientific_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:firefox-debuginfo\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Scientific Linux' >!< release) audit(AUDIT_OS_NOT, 'Scientific Linux');\nvar os_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Scientific Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Scientific Linux 7.x', 'Scientific Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Scientific Linux', cpu);\n\nvar pkgs = [\n {'reference':'firefox-91.7.0-3.el7_9', 'cpu':'i686', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-91.7.0-3.el7_9', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-debuginfo-91.7.0-3.el7_9', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if 
(!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox / firefox-debuginfo');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-09T15:05:33", "description": "The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0816 advisory.\n\n - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235)\n\n - xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. (CVE-2022-25236)\n\n - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. 
(CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-11T00:00:00", "type": "nessus", "title": "RHEL 8 : firefox (RHSA-2022:0816)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25315", "CVE-2022-26381", "CVE-2022-26383", "CVE-2022-26384", "CVE-2022-26386", "CVE-2022-26387", "CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/o:redhat:rhel_tus:8.2", "p-cpe:/a:redhat:enterprise_linux:firefox"], "id": "REDHAT-RHSA-2022-0816.NASL", "href": "https://www.tenable.com/plugins/nessus/158814", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0816. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158814);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2022-25235\",\n \"CVE-2022-25236\",\n \"CVE-2022-25315\",\n \"CVE-2022-26381\",\n \"CVE-2022-26383\",\n \"CVE-2022-26384\",\n \"CVE-2022-26386\",\n \"CVE-2022-26387\",\n \"CVE-2022-26485\",\n \"CVE-2022-26486\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"RHSA\", value:\"2022:0816\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n\n script_name(english:\"RHEL 8 : firefox (RHSA-2022:0816)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0816 advisory.\n\n - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks\n for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235)\n\n - xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters\n into namespace URIs. (CVE-2022-25236)\n\n - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. 
(CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25235\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25315\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26381\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26384\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26387\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26485\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26486\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0816\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://bugzilla.redhat.com/2061735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2061736\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062220\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062221\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062222\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062223\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062224\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-25315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(179, 190, 281, 367, 416, 449, 787, 838);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.2')) audit(AUDIT_OS_NOT, 'Red Hat 8.2', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.2/x86_64/appstream/debug',\n 'content/aus/rhel8/8.2/x86_64/appstream/os',\n 'content/aus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.2/x86_64/baseos/debug',\n 'content/aus/rhel8/8.2/x86_64/baseos/os',\n 'content/aus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/debug',\n 
'content/e4s/rhel8/8.2/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.2/x86_64/appstream/os',\n 'content/e4s/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.2/x86_64/baseos/os',\n 'content/e4s/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap/os',\n 'content/e4s/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/appstream/debug',\n 'content/eus/rhel8/8.2/aarch64/appstream/os',\n 'content/eus/rhel8/8.2/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/baseos/debug',\n 'content/eus/rhel8/8.2/aarch64/baseos/os',\n 'content/eus/rhel8/8.2/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/os',\n 
'content/eus/rhel8/8.2/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.2/aarch64/highavailability/os',\n 'content/eus/rhel8/8.2/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.2/aarch64/supplementary/os',\n 'content/eus/rhel8/8.2/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.2/ppc64le/appstream/os',\n 'content/eus/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.2/ppc64le/baseos/os',\n 'content/eus/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap/os',\n 'content/eus/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/appstream/debug',\n 'content/eus/rhel8/8.2/s390x/appstream/os',\n 'content/eus/rhel8/8.2/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/baseos/debug',\n 'content/eus/rhel8/8.2/s390x/baseos/os',\n 
'content/eus/rhel8/8.2/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/highavailability/debug',\n 'content/eus/rhel8/8.2/s390x/highavailability/os',\n 'content/eus/rhel8/8.2/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/sap/debug',\n 'content/eus/rhel8/8.2/s390x/sap/os',\n 'content/eus/rhel8/8.2/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/supplementary/debug',\n 'content/eus/rhel8/8.2/s390x/supplementary/os',\n 'content/eus/rhel8/8.2/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/appstream/debug',\n 'content/eus/rhel8/8.2/x86_64/appstream/os',\n 'content/eus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/baseos/debug',\n 'content/eus/rhel8/8.2/x86_64/baseos/os',\n 'content/eus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.2/x86_64/highavailability/os',\n 'content/eus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap/debug',\n 'content/eus/rhel8/8.2/x86_64/sap/os',\n 'content/eus/rhel8/8.2/x86_64/sap/source/SRPMS',\n 
'content/eus/rhel8/8.2/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.2/x86_64/supplementary/os',\n 'content/eus/rhel8/8.2/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/appstream/debug',\n 'content/tus/rhel8/8.2/x86_64/appstream/os',\n 'content/tus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/baseos/debug',\n 'content/tus/rhel8/8.2/x86_64/baseos/os',\n 'content/tus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.2/x86_64/highavailability/os',\n 'content/tus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/nfv/debug',\n 'content/tus/rhel8/8.2/x86_64/nfv/os',\n 'content/tus/rhel8/8.2/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/rt/debug',\n 'content/tus/rhel8/8.2/x86_64/rt/os',\n 'content/tus/rhel8/8.2/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-91.7.0-3.el8_2', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) 
el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-08T16:25:39", "description": "The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0818 advisory.\n\n - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid 
in a certain context. (CVE-2022-25235)\n\n - xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. (CVE-2022-25236)\n\n - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. (CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-11T00:00:00", "type": "nessus", "title": "RHEL 8 : firefox (RHSA-2022:0818)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25315", "CVE-2022-26381", "CVE-2022-26383", "CVE-2022-26384", "CVE-2022-26386", "CVE-2022-26387", "CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:firefox"], "id": "REDHAT-RHSA-2022-0818.NASL", "href": "https://www.tenable.com/plugins/nessus/158803", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0818. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158803);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2022-25235\",\n \"CVE-2022-25236\",\n \"CVE-2022-25315\",\n \"CVE-2022-26381\",\n \"CVE-2022-26383\",\n \"CVE-2022-26384\",\n \"CVE-2022-26386\",\n \"CVE-2022-26387\",\n \"CVE-2022-26485\",\n \"CVE-2022-26486\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"RHSA\", value:\"2022:0818\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n\n script_name(english:\"RHEL 8 : firefox (RHSA-2022:0818)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0818 advisory.\n\n - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks\n for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235)\n\n - xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters\n into namespace URIs. (CVE-2022-25236)\n\n - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. 
(CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25235\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25315\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26381\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26384\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26387\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26485\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26486\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0818\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://bugzilla.redhat.com/2061735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2061736\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062220\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062221\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062222\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062223\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062224\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-25315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(179, 190, 281, 367, 416, 449, 787, 838);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 
'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 
'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 
'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 
'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-91.7.0-3.el8_5', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 
'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 
'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-91.7.0-3.el8_5', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == 
RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = 
pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-08T16:23:26", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0817 advisory.\n\n - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235)\n\n - xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. (CVE-2022-25236)\n\n - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. (CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-11T00:00:00", "type": "nessus", "title": "RHEL 8 : firefox (RHSA-2022:0817)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25315", "CVE-2022-26381", "CVE-2022-26383", "CVE-2022-26384", "CVE-2022-26386", "CVE-2022-26387", "CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_eus:8.4", 
"cpe:/o:redhat:rhel_tus:8.4", "p-cpe:/a:redhat:enterprise_linux:firefox"], "id": "REDHAT-RHSA-2022-0817.NASL", "href": "https://www.tenable.com/plugins/nessus/158812", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0817. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158812);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2022-25235\",\n \"CVE-2022-25236\",\n \"CVE-2022-25315\",\n \"CVE-2022-26381\",\n \"CVE-2022-26383\",\n \"CVE-2022-26384\",\n \"CVE-2022-26386\",\n \"CVE-2022-26387\",\n \"CVE-2022-26485\",\n \"CVE-2022-26486\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"RHSA\", value:\"2022:0817\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n\n script_name(english:\"RHEL 8 : firefox (RHSA-2022:0817)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0817 advisory.\n\n - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks\n for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235)\n\n - xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters\n into namespace URIs. (CVE-2022-25236)\n\n - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. 
(CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25235\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25315\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26381\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26384\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26387\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26485\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26486\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0817\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://bugzilla.redhat.com/2061735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2061736\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062220\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062221\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062222\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062223\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062224\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-25315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(179, 190, 281, 367, 416, 449, 787, 838);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.4')) audit(AUDIT_OS_NOT, 'Red Hat 8.4', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/appstream/debug',\n 
'content/e4s/rhel8/8.4/aarch64/appstream/os',\n 'content/e4s/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/baseos/debug',\n 'content/e4s/rhel8/8.4/aarch64/baseos/os',\n 'content/e4s/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/appstream/debug',\n 'content/e4s/rhel8/8.4/s390x/appstream/os',\n 'content/e4s/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/baseos/debug',\n 'content/e4s/rhel8/8.4/s390x/baseos/os',\n 'content/e4s/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/nfv/debug',\n 'content/e4s/rhel8/8.4/x86_64/nfv/os',\n 'content/e4s/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 
'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/appstream/debug',\n 'content/eus/rhel8/8.4/aarch64/appstream/os',\n 'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/baseos/debug',\n 'content/eus/rhel8/8.4/aarch64/baseos/os',\n 'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.4/aarch64/highavailability/os',\n 'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.4/aarch64/supplementary/os',\n 'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.4/ppc64le/appstream/os',\n 'content/eus/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.4/ppc64le/baseos/os',\n 'content/eus/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/source/SRPMS',\n 
'content/eus/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap/os',\n 'content/eus/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/appstream/debug',\n 'content/eus/rhel8/8.4/s390x/appstream/os',\n 'content/eus/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/baseos/debug',\n 'content/eus/rhel8/8.4/s390x/baseos/os',\n 'content/eus/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/highavailability/debug',\n 'content/eus/rhel8/8.4/s390x/highavailability/os',\n 'content/eus/rhel8/8.4/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/sap/debug',\n 'content/eus/rhel8/8.4/s390x/sap/os',\n 'content/eus/rhel8/8.4/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/supplementary/debug',\n 'content/eus/rhel8/8.4/s390x/supplementary/os',\n 'content/eus/rhel8/8.4/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 
'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-91.7.0-3.el8_4', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( 
constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = 
subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-08T16:21:11", "description": "The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:0824 advisory.\n\n - expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235)\n\n - expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code execution (CVE-2022-25236)\n\n - expat: Integer overflow in storeRawNames() (CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-29T00:00:00", "type": "nessus", "title": "CentOS 7 : firefox (CESA-2022:0824)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25315", "CVE-2022-26381", "CVE-2022-26383", "CVE-2022-26384", "CVE-2022-26386", "CVE-2022-26387", "CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:centos:centos:firefox", 
"cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2022-0824.NASL", "href": "https://www.tenable.com/plugins/nessus/159315", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0824 and\n# CentOS Errata and Security Advisory 2022:0824 respectively.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159315);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2022-25235\",\n \"CVE-2022-25236\",\n \"CVE-2022-25315\",\n \"CVE-2022-26381\",\n \"CVE-2022-26383\",\n \"CVE-2022-26384\",\n \"CVE-2022-26386\",\n \"CVE-2022-26387\",\n \"CVE-2022-26485\",\n \"CVE-2022-26486\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"RHSA\", value:\"2022:0824\");\n\n script_name(english:\"CentOS 7 : firefox (CESA-2022:0824)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nCESA-2022:0824 advisory.\n\n - expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235)\n\n - expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code\n execution (CVE-2022-25236)\n\n - expat: Integer overflow in storeRawNames() (CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and 
accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n # https://lists.centos.org/pipermail/centos-announce/2022-March/073578.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?22263b74\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/281.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/367.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/416.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/451.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/787.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/838.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-25315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are 
available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 190, 281, 367, 416, 451, 787, 838);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Linux)? 
release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'CentOS 7.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'firefox-91.7.0-3.el7.centos', 'cpu':'i686', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-91.7.0-3.el7.centos', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n 
security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-09T15:06:17", "description": "The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0845 advisory.\n\n - thunderbird: Crafted email could trigger an out-of-bounds write (CVE-2022-0566)\n\n - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235)\n\n - xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. (CVE-2022-25236)\n\n - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. 
(CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-15T00:00:00", "type": "nessus", "title": "RHEL 8 : thunderbird (RHSA-2022:0845)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0566", "CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25315", "CVE-2022-26381", "CVE-2022-26383", "CVE-2022-26384", "CVE-2022-26386", "CVE-2022-26387", "CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:thunderbird"], "id": "REDHAT-RHSA-2022-0845.NASL", "href": "https://www.tenable.com/plugins/nessus/158913", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0845. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158913);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2022-0566\",\n \"CVE-2022-25235\",\n \"CVE-2022-25236\",\n \"CVE-2022-25315\",\n \"CVE-2022-26381\",\n \"CVE-2022-26383\",\n \"CVE-2022-26384\",\n \"CVE-2022-26386\",\n \"CVE-2022-26387\",\n \"CVE-2022-26485\",\n \"CVE-2022-26486\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"RHSA\", value:\"2022:0845\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0088-S\");\n\n script_name(english:\"RHEL 8 : thunderbird (RHSA-2022:0845)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0845 advisory.\n\n - thunderbird: Crafted email could trigger an out-of-bounds write (CVE-2022-0566)\n\n - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks\n for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235)\n\n - xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters\n into namespace URIs. (CVE-2022-25236)\n\n - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. 
(CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-0566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25235\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25315\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26381\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26384\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26387\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26485\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26486\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://access.redhat.com/errata/RHSA-2022:0845\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2055591\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2061735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2061736\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062220\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062221\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062222\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062223\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062224\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-25315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(179, 190, 281, 367, 416, 449, 787, 838);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 
'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 
'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 
'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 
'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'thunderbird-91.7.0-2.el8_5', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 
'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 
'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'thunderbird-91.7.0-2.el8_5', 
'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + 
redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-08T16:29:35", "description": "The version of thunderbird installed on the remote host is prior to 91.7.0-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1779 advisory.\n\n - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. (CVE-2022-25315)\n\n - It may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of- bounds write of one byte when processing the message. This vulnerability affects Thunderbird < 91.6.1.\n (CVE-2022-0566)\n\n - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235)\n\n - xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. (CVE-2022-25236)\n\n - An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7. 
(CVE-2022-26381)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-04-27T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : thunderbird (ALAS-2022-1779)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0566", "CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25315", "CVE-2022-26381", "CVE-2022-26383", "CVE-2022-26384", "CVE-2022-26386", "CVE-2022-26387", "CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:thunderbird", "p-cpe:/a:amazon:linux:thunderbird-debuginfo", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2022-1779.NASL", "href": "https://www.tenable.com/plugins/nessus/160270", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2022-1779.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160270);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2022-0566\",\n \"CVE-2022-25235\",\n \"CVE-2022-25236\",\n \"CVE-2022-25315\",\n \"CVE-2022-26381\",\n \"CVE-2022-26383\",\n \"CVE-2022-26384\",\n \"CVE-2022-26386\",\n \"CVE-2022-26387\",\n \"CVE-2022-26485\",\n \"CVE-2022-26486\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0088-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"ALAS\", value:\"2022-1779\");\n\n script_name(english:\"Amazon Linux 2 : thunderbird (ALAS-2022-1779)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of thunderbird installed on the remote 
host is prior to 91.7.0-2. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2-2022-1779 advisory.\n\n - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. (CVE-2022-25315)\n\n - It may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of-\n bounds write of one byte when processing the message. This vulnerability affects Thunderbird < 91.6.1.\n (CVE-2022-0566)\n\n - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks\n for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235)\n\n - xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters\n into namespace URIs. (CVE-2022-25236)\n\n - An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a\n potentially exploitable crash. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and\n Thunderbird < 91.7. 
(CVE-2022-26381)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2022-1779.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0566.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-25235.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-25236.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-25315.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26381.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26383.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26384.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26386.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26387.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26485.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26486.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update thunderbird' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", 
value:\"CVE-2022-25315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'thunderbird-91.7.0-2.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-91.7.0-2.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-debuginfo-91.7.0-2.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-debuginfo-91.7.0-2.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp 
= package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird / thunderbird-debuginfo\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-09T15:06:03", "description": "The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-0850 advisory.\n\n - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235)\n\n - Previously Thunderbird for macOS and Linux would download temporary files to a user-specific directory in <code>/tmp</code>, but this behavior was changed to download them to <code>/tmp</code> where they could be affected by other local users. This behavior was reverted to the original, user-specific directory. This bug only affects Thunderbird for macOS and Linux. Other operating systems are unaffected.\n (CVE-2022-26386)\n\n - xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. (CVE-2022-25236)\n\n - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. (CVE-2022-25315)\n\n - An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash. 
(CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. (CVE-2022-26384)\n\n - When installing an add-on, Thunderbird verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Thunderbird would not have noticed. (CVE-2022-26387)\n\n - Removing an XSLT parameter during processing could have led to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. (CVE-2022-26486)\n\n - It may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of-bounds write of one byte when processing the message. 
(CVE-2022-0566)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-14T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : thunderbird (ELSA-2022-0850)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0566", "CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25315", "CVE-2022-26381", "CVE-2022-26383", "CVE-2022-26384", "CVE-2022-26386", "CVE-2022-26387", "CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:thunderbird"], "id": "ORACLELINUX_ELSA-2022-0850.NASL", "href": "https://www.tenable.com/plugins/nessus/158903", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-0850.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158903);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2022-0566\",\n \"CVE-2022-25235\",\n \"CVE-2022-25236\",\n \"CVE-2022-25315\",\n \"CVE-2022-26381\",\n \"CVE-2022-26383\",\n \"CVE-2022-26384\",\n \"CVE-2022-26386\",\n \"CVE-2022-26387\",\n \"CVE-2022-26485\",\n \"CVE-2022-26486\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0088-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n\n script_name(english:\"Oracle Linux 7 : thunderbird (ELSA-2022-0850)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in 
the\nELSA-2022-0850 advisory.\n\n - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks\n for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235)\n\n - Previously Thunderbird for macOS and Linux would download temporary files to a user-specific directory in\n <code>/tmp</code>, but this behavior was changed to download them to <code>/tmp</code> where they could be\n affected by other local users. This behavior was reverted to the original, user-specific directory. This\n bug only affects Thunderbird for macOS and Linux. Other operating systems are unaffected.\n (CVE-2022-26386)\n\n - xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters\n into namespace URIs. (CVE-2022-25236)\n\n - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. (CVE-2022-25315)\n\n - An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a\n potentially exploitable crash. (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not\n <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript\n execution in violation of the sandbox. (CVE-2022-26384)\n\n - When installing an add-on, Thunderbird verified the signature before prompting the user; but while the\n user was confirming the prompt, the underlying add-on file could have been modified and Thunderbird would\n not have noticed. (CVE-2022-26387)\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had\n reports of attacks in the wild abusing this flaw. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox\n escape. 
We have had reports of attacks in the wild abusing this flaw. (CVE-2022-26486)\n\n - It may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of-\n bounds write of one byte when processing the message. (CVE-2022-0566)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-0850.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-25315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:thunderbird\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'thunderbird-91.7.0-2.0.1.el7_9', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-91.7.0-2.0.1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + 
package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-08T16:21:23", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0843 advisory.\n\n - thunderbird: Crafted email could trigger an out-of-bounds write (CVE-2022-0566)\n\n - expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235)\n\n - expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code execution (CVE-2022-25236)\n\n - expat: Integer overflow in 
storeRawNames() (CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-14T00:00:00", "type": "nessus", "title": "RHEL 8 : thunderbird (RHSA-2022:0843)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0566", "CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25315", "CVE-2022-26381", "CVE-2022-26383", "CVE-2022-26384", "CVE-2022-26386", "CVE-2022-26387", "CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/o:redhat:rhel_tus:8.2", "p-cpe:/a:redhat:enterprise_linux:thunderbird"], "id": "REDHAT-RHSA-2022-0843.NASL", "href": "https://www.tenable.com/plugins/nessus/158906", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0843. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158906);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2022-0566\",\n \"CVE-2022-25235\",\n \"CVE-2022-25236\",\n \"CVE-2022-25315\",\n \"CVE-2022-26381\",\n \"CVE-2022-26383\",\n \"CVE-2022-26384\",\n \"CVE-2022-26386\",\n \"CVE-2022-26387\",\n \"CVE-2022-26485\",\n \"CVE-2022-26486\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0843\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0088-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n\n script_name(english:\"RHEL 8 : thunderbird (RHSA-2022:0843)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0843 advisory.\n\n - thunderbird: Crafted email could trigger an out-of-bounds write (CVE-2022-0566)\n\n - expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235)\n\n - expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code\n execution (CVE-2022-25236)\n\n - expat: Integer overflow in storeRawNames() (CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: 
Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-0566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25235\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25315\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26381\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26384\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26387\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26485\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26486\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0843\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2055591\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2056363\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2056366\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2056370\");\n 
script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2061735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2061736\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062220\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062221\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062222\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062223\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062224\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-25315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 179, 190, 281, 367, 416, 449, 451, 787, 838);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.2')) audit(AUDIT_OS_NOT, 'Red Hat 8.2', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.2/x86_64/appstream/debug',\n 'content/aus/rhel8/8.2/x86_64/appstream/os',\n 'content/aus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.2/x86_64/baseos/debug',\n 'content/aus/rhel8/8.2/x86_64/baseos/os',\n 
'content/aus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.2/x86_64/appstream/os',\n 'content/e4s/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.2/x86_64/baseos/os',\n 'content/e4s/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap/os',\n 'content/e4s/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/appstream/debug',\n 'content/eus/rhel8/8.2/aarch64/appstream/os',\n 'content/eus/rhel8/8.2/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/baseos/debug',\n 'content/eus/rhel8/8.2/aarch64/baseos/os',\n 'content/eus/rhel8/8.2/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/debug',\n 
'content/eus/rhel8/8.2/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.2/aarch64/highavailability/os',\n 'content/eus/rhel8/8.2/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.2/aarch64/supplementary/os',\n 'content/eus/rhel8/8.2/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.2/ppc64le/appstream/os',\n 'content/eus/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.2/ppc64le/baseos/os',\n 'content/eus/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap/os',\n 'content/eus/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/appstream/debug',\n 'content/eus/rhel8/8.2/x86_64/appstream/os',\n 'content/eus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/baseos/debug',\n 
'content/eus/rhel8/8.2/x86_64/baseos/os',\n 'content/eus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.2/x86_64/highavailability/os',\n 'content/eus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap/debug',\n 'content/eus/rhel8/8.2/x86_64/sap/os',\n 'content/eus/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.2/x86_64/supplementary/os',\n 'content/eus/rhel8/8.2/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/appstream/debug',\n 'content/tus/rhel8/8.2/x86_64/appstream/os',\n 'content/tus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/baseos/debug',\n 'content/tus/rhel8/8.2/x86_64/baseos/os',\n 'content/tus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.2/x86_64/highavailability/os',\n 'content/tus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/nfv/debug',\n 'content/tus/rhel8/8.2/x86_64/nfv/os',\n 'content/tus/rhel8/8.2/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/rt/debug',\n 'content/tus/rhel8/8.2/x86_64/rt/os',\n 'content/tus/rhel8/8.2/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'thunderbird-91.7.0-2.el8_2', 'sp':'2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n 
{'reference':'thunderbird-91.7.0-2.el8_2', 'sp':'2', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-91.7.0-2.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 
'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-08T16:23:04", "description": "The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:0850 advisory.\n\n - thunderbird: Crafted email could trigger an out-of-bounds write (CVE-2022-0566)\n\n - expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235)\n\n - expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code execution (CVE-2022-25236)\n\n - expat: Integer overflow in storeRawNames() (CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework 
(CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-29T00:00:00", "type": "nessus", "title": "CentOS 7 : thunderbird (CESA-2022:0850)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0566", "CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25315", "CVE-2022-26381", "CVE-2022-26383", "CVE-2022-26384", "CVE-2022-26386", "CVE-2022-26387", "CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:centos:centos:thunderbird", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2022-0850.NASL", "href": "https://www.tenable.com/plugins/nessus/159320", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0850 and\n# CentOS Errata and Security Advisory 2022:0850 respectively.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159320);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2022-0566\",\n \"CVE-2022-25235\",\n \"CVE-2022-25236\",\n \"CVE-2022-25315\",\n \"CVE-2022-26381\",\n \"CVE-2022-26383\",\n \"CVE-2022-26384\",\n \"CVE-2022-26386\",\n \"CVE-2022-26387\",\n \"CVE-2022-26485\",\n \"CVE-2022-26486\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0088-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"RHSA\", value:\"2022:0850\");\n\n script_name(english:\"CentOS 7 : thunderbird (CESA-2022:0850)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 7 host has a 
package installed that is affected by multiple vulnerabilities as referenced in the\nCESA-2022:0850 advisory.\n\n - thunderbird: Crafted email could trigger an out-of-bounds write (CVE-2022-0566)\n\n - expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235)\n\n - expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code\n execution (CVE-2022-25236)\n\n - expat: Integer overflow in storeRawNames() (CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n # https://lists.centos.org/pipermail/centos-announce/2022-March/073579.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4a9a52fd\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/281.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/367.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/416.html\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://cwe.mitre.org/data/definitions/451.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/787.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/838.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-25315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 190, 281, 367, 416, 451, 787, 838);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'CentOS 7.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'thunderbird-91.7.0-2.el7.centos', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) 
rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-08T16:25:47", "description": "The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:0850-1 advisory.\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\n - expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235)\n\n - expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code execution (CVE-2022-25236)\n\n - expat: Integer overflow in storeRawNames() (CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - thunderbird: Crafted email could trigger an out-of-bounds write (CVE-2022-0566)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\nNote that Nessus has not tested for this issue but has instead relied only on the 
application's self-reported version number.", "cvss3": {}, "published": "2022-03-15T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : thunderbird on SL7.x x86_64 (2022:0850)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0566", "CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25315", "CVE-2022-26381", "CVE-2022-26383", "CVE-2022-26384", "CVE-2022-26386", "CVE-2022-26387", "CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:thunderbird", "p-cpe:/a:fermilab:scientific_linux:thunderbird-debuginfo"], "id": "SL_20220314_THUNDERBIRD_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/158922", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158922);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2022-0566\",\n \"CVE-2022-25235\",\n \"CVE-2022-25236\",\n \"CVE-2022-25315\",\n \"CVE-2022-26381\",\n \"CVE-2022-26383\",\n \"CVE-2022-26384\",\n \"CVE-2022-26386\",\n \"CVE-2022-26387\",\n \"CVE-2022-26485\",\n \"CVE-2022-26486\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0088-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"RHSA\", value:\"RHSA-2022:0850\");\n\n script_name(english:\"Scientific Linux Security Update : thunderbird on SL7.x x86_64 (2022:0850)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Scientific Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Scientific Linux 7 host has packages installed that are affected by multiple 
vulnerabilities as referenced in\nthe SLSA-2022:0850-1 advisory.\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\n - expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235)\n\n - expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code\n execution (CVE-2022-25236)\n\n - expat: Integer overflow in storeRawNames() (CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - thunderbird: Crafted email could trigger an out-of-bounds write (CVE-2022-0566)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.scientificlinux.org/category/sl-errata/slsa-20220850-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-25315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", 
value:\"2022/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fermilab:scientific_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Scientific Linux' >!< release) audit(AUDIT_OS_NOT, 'Scientific Linux');\nvar os_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Scientific Linux');\nvar os_ver = os_ver[1];\nif (! 
preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Scientific Linux 7.x', 'Scientific Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Scientific Linux', cpu);\n\nvar pkgs = [\n {'reference':'thunderbird-91.7.0-2.el7_9', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-debuginfo-91.7.0-2.el7_9', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = 
pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird / thunderbird-debuginfo');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-08T16:20:12", "description": "The remote Red Hat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0850 advisory.\n\n - thunderbird: Crafted email could trigger an out-of-bounds write (CVE-2022-0566)\n\n - expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235)\n\n - expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code execution (CVE-2022-25236)\n\n - expat: Integer overflow in storeRawNames() (CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-14T00:00:00", "type": "nessus", "title": "RHEL 7 : thunderbird (RHSA-2022:0850)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0566", "CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25315", "CVE-2022-26381", "CVE-2022-26383", "CVE-2022-26384", "CVE-2022-26386", "CVE-2022-26387", "CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:thunderbird"], "id": 
"REDHAT-RHSA-2022-0850.NASL", "href": "https://www.tenable.com/plugins/nessus/158907", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0850. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158907);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2022-0566\",\n \"CVE-2022-25235\",\n \"CVE-2022-25236\",\n \"CVE-2022-25315\",\n \"CVE-2022-26381\",\n \"CVE-2022-26383\",\n \"CVE-2022-26384\",\n \"CVE-2022-26386\",\n \"CVE-2022-26387\",\n \"CVE-2022-26485\",\n \"CVE-2022-26486\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0850\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0088-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n\n script_name(english:\"RHEL 7 : thunderbird (RHSA-2022:0850)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0850 advisory.\n\n - thunderbird: Crafted email could trigger an out-of-bounds write (CVE-2022-0566)\n\n - expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235)\n\n - expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code\n execution (CVE-2022-25236)\n\n - expat: Integer overflow in storeRawNames() (CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - 
Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-0566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25235\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25315\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26381\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26384\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26387\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26485\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26486\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0850\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2055591\");\n 
script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2056363\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2056366\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2056370\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2061735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2061736\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062220\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062221\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062222\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062223\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062224\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-25315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 179, 190, 281, 367, 416, 449, 451, 787, 838);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/os',\n 
'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/os',\n 
'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/os',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/os',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 
'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 
'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/os',\n 'content/fastrack/rhel/power/7/ppc64/optional/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/os',\n 'content/fastrack/rhel/power/7/ppc64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 
'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'thunderbird-91.7.0-2.el7_9', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-91.7.0-2.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) 
allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-08T16:27:53", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0847 advisory.\n\n - thunderbird: Crafted email could trigger an out-of-bounds write (CVE-2022-0566)\n\n - expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235)\n\n - expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code execution (CVE-2022-25236)\n\n - expat: Integer overflow in storeRawNames() (CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures 
(CVE-2022-26387)\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-15T00:00:00", "type": "nessus", "title": "RHEL 8 : thunderbird (RHSA-2022:0847)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0566", "CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25315", "CVE-2022-26381", "CVE-2022-26383", "CVE-2022-26384", "CVE-2022-26386", "CVE-2022-26387", "CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_e4s:8.1", "p-cpe:/a:redhat:enterprise_linux:thunderbird"], "id": "REDHAT-RHSA-2022-0847.NASL", "href": "https://www.tenable.com/plugins/nessus/158918", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0847. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158918);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2022-0566\",\n \"CVE-2022-25235\",\n \"CVE-2022-25236\",\n \"CVE-2022-25315\",\n \"CVE-2022-26381\",\n \"CVE-2022-26383\",\n \"CVE-2022-26384\",\n \"CVE-2022-26386\",\n \"CVE-2022-26387\",\n \"CVE-2022-26485\",\n \"CVE-2022-26486\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0847\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0088-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n\n script_name(english:\"RHEL 8 : thunderbird (RHSA-2022:0847)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0847 advisory.\n\n - thunderbird: Crafted email could trigger an out-of-bounds write (CVE-2022-0566)\n\n - expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235)\n\n - expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code\n execution (CVE-2022-25236)\n\n - expat: Integer overflow in storeRawNames() (CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: 
Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-0566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25235\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25315\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26381\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26384\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26387\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26485\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26486\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0847\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2055591\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2056363\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2056366\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2056370\");\n 
script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2061735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2061736\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062220\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062221\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062222\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062223\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062224\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-25315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 179, 190, 281, 367, 416, 449, 451, 787, 838);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", 
value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.1')) audit(AUDIT_OS_NOT, 'Red Hat 8.1', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel8/8.1/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/source/SRPMS',\n 
'content/e4s/rhel8/8.1/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap/os',\n 'content/e4s/rhel8/8.1/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.1/x86_64/appstream/os',\n 'content/e4s/rhel8/8.1/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.1/x86_64/baseos/os',\n 'content/e4s/rhel8/8.1/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap/os',\n 'content/e4s/rhel8/8.1/x86_64/sap/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'thunderbird-91.7.0-2.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-91.7.0-2.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var 
allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Update Services for SAP Solutions repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-08T16:21:46", "description": "The remote Oracle Linux 8 host has a package installed that 
is affected by multiple vulnerabilities as referenced in the ELSA-2022-0845 advisory.\n\n - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235)\n\n - Previously Thunderbird for macOS and Linux would download temporary files to a user-specific directory in <code>/tmp</code>, but this behavior was changed to download them to <code>/tmp</code> where they could be affected by other local users. This behavior was reverted to the original, user-specific directory. This bug only affects Thunderbird for macOS and Linux. Other operating systems are unaffected.\n (CVE-2022-26386)\n\n - xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. (CVE-2022-25236)\n\n - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. (CVE-2022-25315)\n\n - An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash. (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. (CVE-2022-26384)\n\n - When installing an add-on, Thunderbird verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Thunderbird would not have noticed. (CVE-2022-26387)\n\n - Removing an XSLT parameter during processing could have led to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. 
(CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. (CVE-2022-26486)\n\n - It may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of-bounds write of one byte when processing the message. (CVE-2022-0566)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-14T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : thunderbird (ELSA-2022-0845)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0566", "CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25315", "CVE-2022-26381", "CVE-2022-26383", "CVE-2022-26384", "CVE-2022-26386", "CVE-2022-26387", "CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:thunderbird"], "id": "ORACLELINUX_ELSA-2022-0845.NASL", "href": "https://www.tenable.com/plugins/nessus/158904", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-0845.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158904);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2022-0566\",\n \"CVE-2022-25235\",\n \"CVE-2022-25236\",\n \"CVE-2022-25315\",\n \"CVE-2022-26381\",\n \"CVE-2022-26383\",\n \"CVE-2022-26384\",\n \"CVE-2022-26386\",\n \"CVE-2022-26387\",\n \"CVE-2022-26485\",\n \"CVE-2022-26486\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0088-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n\n 
script_name(english:\"Oracle Linux 8 : thunderbird (ELSA-2022-0845)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2022-0845 advisory.\n\n - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks\n for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235)\n\n - Previously Thunderbird for macOS and Linux would download temporary files to a user-specific directory in\n <code>/tmp</code>, but this behavior was changed to download them to <code>/tmp</code> where they could be\n affected by other local users. This behavior was reverted to the original, user-specific directory. This\n bug only affects Thunderbird for macOS and Linux. Other operating systems are unaffected.\n (CVE-2022-26386)\n\n - xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters\n into namespace URIs. (CVE-2022-25236)\n\n - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. (CVE-2022-25315)\n\n - An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a\n potentially exploitable crash. (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not\n <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript\n execution in violation of the sandbox. 
(CVE-2022-26384)\n\n - When installing an add-on, Thunderbird verified the signature before prompting the user; but while the\n user was confirming the prompt, the underlying add-on file could have been modified and Thunderbird would\n not have noticed. (CVE-2022-26387)\n\n - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had\n reports of attacks in the wild abusing this flaw. (CVE-2022-26485)\n\n - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox\n escape. We have had reports of attacks in the wild abusing this flaw. (CVE-2022-26486)\n\n - It may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of-\n bounds write of one byte when processing the message. (CVE-2022-0566)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-0845.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-25315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/14\");\n\n 
script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:thunderbird\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! 
preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'thunderbird-91.7.0-2.0.1.el8_5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-91.7.0-2.0.1.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n 
} else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-08T16:20:36", "description": "The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0853 advisory.\n\n - thunderbird: Crafted email could trigger an out-of-bounds write (CVE-2022-0566)\n\n - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235)\n\n - xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. (CVE-2022-25236)\n\n - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. 
(CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-15T00:00:00", "type": "nessus", "title": "RHEL 8 : thunderbird (RHSA-2022:0853)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0566", "CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25315", "CVE-2022-26381", "CVE-2022-26383", "CVE-2022-26384", "CVE-2022-26386", "CVE-2022-26387", "CVE-2022-26485", "CVE-2022-26486"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_tus:8.4", "p-cpe:/a:redhat:enterprise_linux:thunderbird"], "id": "REDHAT-RHSA-2022-0853.NASL", "href": "https://www.tenable.com/plugins/nessus/158914", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0853. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158914);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2022-0566\",\n \"CVE-2022-25235\",\n \"CVE-2022-25236\",\n \"CVE-2022-25315\",\n \"CVE-2022-26381\",\n \"CVE-2022-26383\",\n \"CVE-2022-26384\",\n \"CVE-2022-26386\",\n \"CVE-2022-26387\",\n \"CVE-2022-26485\",\n \"CVE-2022-26486\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/21\");\n script_xref(name:\"RHSA\", value:\"2022:0853\");\n script_xref(name:\"IAVA\", value:\"2022-A-0103-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0088-S\");\n\n script_name(english:\"RHEL 8 : thunderbird (RHSA-2022:0853)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0853 advisory.\n\n - thunderbird: Crafted email could trigger an out-of-bounds write (CVE-2022-0566)\n\n - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks\n for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235)\n\n - xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters\n into namespace URIs. (CVE-2022-25236)\n\n - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. 
(CVE-2022-25315)\n\n - Mozilla: Use-after-free in text reflows (CVE-2022-26381)\n\n - Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383)\n\n - Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384)\n\n - Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386)\n\n - Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387)\n\n - Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485)\n\n - Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-0566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25235\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-25315\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26381\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26384\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26387\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26485\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-26486\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://access.redhat.com/errata/RHSA-2022:0853\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2055591\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2061735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2061736\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062220\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062221\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062222\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062223\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2062224\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-25315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(179, 190, 281, 367, 416, 449, 787, 838);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.4')) audit(AUDIT_OS_NOT, 'Red Hat 8.4', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 
'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/appstream/debug',\n 'content/e4s/rhel8/8.4/aarch64/appstream/os',\n 'content/e4s/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/baseos/debug',\n 'content/e4s/rhel8/8.4/aarch64/baseos/os',\n 'content/e4s/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/appstream/debug',\n 'content/e4s/rhel8/8.4/s390x/appstream/os',\n 'content/e4s/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/baseos/debug',\n 'content/e4s/rhel8/8.4/s390x/baseos/os',\n 'content/e4s/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 
'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/nfv/debug',\n 'content/e4s/rhel8/8.4/x86_64/nfv/os',\n 'content/e4s/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/appstream/debug',\n 'content/eus/rhel8/8.4/aarch64/appstream/os',\n 'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/baseos/debug',\n 'content/eus/rhel8/8.4/aarch64/baseos/os',\n 'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.4/aarch64/highavailability/os',\n 'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.4/aarch64/supplementary/os',\n 'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.4/ppc64le/appstream/os',\n 'content/eus/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.4/ppc64le/baseos/os',\n 'content/eus/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/os',\n 
'content/eus/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap/os',\n 'content/eus/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/appstream/debug',\n 'content/eus/rhel8/8.4/s390x/appstream/os',\n 'content/eus/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/baseos/debug',\n 'content/eus/rhel8/8.4/s390x/baseos/os',\n 'content/eus/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/highavailability/debug',\n 'content/eus/rhel8/8.4/s390x/highavailability/os',\n 'content/eus/rhel8/8.4/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/sap/debug',\n 'content/eus/rhel8/8.4/s390x/sap/os',\n 'content/eus/rhel8/8.4/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/supplementary/debug',\n 'content/eus/rhel8/8.4/s390x/supplementary/os',\n 'content/eus/rhel8/8.4/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 
'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'thunderbird-91.7.0-2.el8_4', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 
'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_