Security Vulnerabilities fixed in Firefox ESR 115.8 — Mozilla

🗓️ 20 Feb 2024 00:00:00Reported by Mozilla FoundationType

mozilla

mozilla🔗 www.mozilla.org👁 34 Views

Security Vulnerabilities fixed in Firefox ESR 115.

Reporter	Title	Published	Views	Family All 530
Tenable Nessus	Amazon Linux 2 : thunderbird (ALAS-2024-2477)	5 Mar 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : firefox (ALASFIREFOX-2024-022)	6 Mar 202400:00	–	nessus
Tenable Nessus	AlmaLinux 9 : firefox (ALSA-2024:0952)	28 Feb 202400:00	–	nessus
Tenable Nessus	AlmaLinux 8 : firefox (ALSA-2024:0955)	28 Feb 202400:00	–	nessus
Tenable Nessus	AlmaLinux 9 : thunderbird (ALSA-2024:0963)	28 Feb 202400:00	–	nessus
Tenable Nessus	AlmaLinux 8 : thunderbird (ALSA-2024:0964)	28 Feb 202400:00	–	nessus
Tenable Nessus	CentOS 8 : firefox (CESA-2024:0955)	7 Mar 202400:00	–	nessus
Tenable Nessus	CentOS 8 : thunderbird (CESA-2024:0964)	7 Mar 202400:00	–	nessus
Tenable Nessus	CentOS 7 : thunderbird (RHSA-2024:0957)	29 Feb 202400:00	–	nessus
Tenable Nessus	CentOS 7 : firefox (RHSA-2024:0976)	26 Feb 202400:00	–	nessus

Vulners

Node

mozilla firefoxRange<115.8esr

Source	Link
bugzilla	www.bugzilla.mozilla.org/show_bug.cgi
bugzilla	www.bugzilla.mozilla.org/buglist.cgi
bugzilla	www.bugzilla.mozilla.org/show_bug.cgi
bugzilla	www.bugzilla.mozilla.org/show_bug.cgi
bugzilla	www.bugzilla.mozilla.org/show_bug.cgi
bugzilla	www.bugzilla.mozilla.org/show_bug.cgi
bugzilla	www.bugzilla.mozilla.org/show_bug.cgi
bugzilla	www.bugzilla.mozilla.org/show_bug.cgi

20 Feb 2024 00:00Current

8.1High risk

Vulners AI Score8.1

CVSS 3.17.5 - 8.1

EPSS0.0073

SSVC

firefox esr mozilla networking buffer length memory read api calls alert dialog redirection user confusion spoofing attack custom cursor permission dialog fullscreen notification set-cookie header content-type numeric conversions memory safety bugs arbitrary code.