CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
70.5%
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 102.11.0 ESR.
Security Fix(es):
Mozilla: Browser prompts could have been obscured by popups (CVE-2023-32205)
Mozilla: Crash in RLBox Expat driver (CVE-2023-32206)
Mozilla: Potential permissions request bypass via clickjacking (CVE-2023-32207)
Mozilla: Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11 (CVE-2023-32215)
Mozilla: Content process crash due to invalid wasm code (CVE-2023-32211)
Mozilla: Potential spoof due to obscured address bar (CVE-2023-32212)
Mozilla: Potential memory corruption in FileReader::DoReadData() (CVE-2023-32213)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
bugzilla.redhat.com/show_bug.cgi?id=2196736
bugzilla.redhat.com/show_bug.cgi?id=2196737
bugzilla.redhat.com/show_bug.cgi?id=2196738
bugzilla.redhat.com/show_bug.cgi?id=2196740
bugzilla.redhat.com/show_bug.cgi?id=2196741
bugzilla.redhat.com/show_bug.cgi?id=2196742
bugzilla.redhat.com/show_bug.cgi?id=2196753
errata.rockylinux.org/RLSA-2023:3220
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
70.5%