Lucene search
RedHatRHSA-2023:5426HistoryOct 04, 2023 - 10:43 a.m.
(RHSA-2023:5426) Important: firefox security update
2023-10-0410:43:29
access.redhat.com
20
mozilla
web browser
security update
cve-2023-3600
cve-2023-5169
cve-2023-5171
cve-2023-5176
cve-2023-5217
libvpx
memory safety bugs
0.296 Low
EPSS
Percentile
96.9%
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 115.3.1 ESR.
Security Fix(es):
-
firefox: use-after-free in workers (CVE-2023-3600)
-
Mozilla: Out-of-bounds write in PathOps (CVE-2023-5169)
-
Mozilla: Use-after-free in Ion Compiler (CVE-2023-5171)
-
Mozilla: Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 (CVE-2023-5176)
-
libvpx: Heap buffer overflow in vp8 encoding in libvpx (CVE-2023-5217)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 8 | x86_64 | firefox | < 115.3.1-1.el8_2 | firefox-115.3.1-1.el8_2.x86_64.rpm |
| RedHat | 8 | ppc64le | firefox-debugsource | < 115.3.1-1.el8_2 | firefox-debugsource-115.3.1-1.el8_2.ppc64le.rpm |
| RedHat | 8 | x86_64 | firefox-debuginfo | < 115.3.1-1.el8_2 | firefox-debuginfo-115.3.1-1.el8_2.x86_64.rpm |
| RedHat | 8 | ppc64le | firefox | < 115.3.1-1.el8_2 | firefox-115.3.1-1.el8_2.ppc64le.rpm |
| RedHat | 8 | x86_64 | firefox-debugsource | < 115.3.1-1.el8_2 | firefox-debugsource-115.3.1-1.el8_2.x86_64.rpm |
| RedHat | 8 | ppc64le | firefox-debuginfo | < 115.3.1-1.el8_2 | firefox-debuginfo-115.3.1-1.el8_2.ppc64le.rpm |
Related
osv
osv
Important: thunderbird security update
2023-10-05 21:35:58
Important: thunderbird security update
2023-10-05 21:35:15
Important: thunderbird security update
2023-10-04 00:00:00
redhat
redhat
(RHSA-2023:5440) Important: firefox security update
2023-10-04 11:13:53
(RHSA-2023:5434) Important: firefox security update
2023-10-04 10:52:28
(RHSA-2023:5432) Important: thunderbird security update
2023-10-04 10:50:12
nessus
nessus
RHEL 9 : firefox (RHSA-2023:5427)
2023-10-04 00:00:00
RHEL 9 : firefox (RHSA-2023:5434)
2023-10-04 00:00:00
CentOS 7 : firefox (RHSA-2023:5477)
2023-12-22 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2023-10-05 00:00:00
firefox security update
2023-10-13 00:00:00
thunderbird security update
2023-10-13 00:00:00
almalinux
almalinux
Important: firefox security update
2023-10-04 00:00:00
Important: thunderbird security update
2023-10-04 00:00:00
rocky
rocky
thunderbird security update
2023-10-05 21:35:58
thunderbird security update
2023-10-05 21:35:15
openvas
openvas
Mageia: Security Advisory (MGASA-2023-0285)
2023-10-11 00:00:00
Debian: Security Advisory (DSA-5513-1)
2023-10-04 00:00:00
Debian: Security Advisory (DLA-3601-1)
2023-10-09 00:00:00
mageia
mageia
Updated Firefox and Thunderbird packages fix security vulnerabilities
2023-10-10 20:21:41
Updated libvpx packages fix security vulnerability
2023-10-02 13:18:07
debian
debian
[SECURITY] [DLA 3601-1] thunderbird security update
2023-10-09 13:53:36
[SECURITY] [DLA 3587-1] firefox-esr security update
2023-09-29 12:33:31
[SECURITY] [DSA 5513-1] thunderbird security update
2023-10-03 15:53:49
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 115.3 — Mozilla
2023-09-26 00:00:00
Security Vulnerabilities fixed in Thunderbird 115.3 — Mozilla
2023-09-26 00:00:00
Security Vulnerabilities fixed in Firefox 118 — Mozilla
2023-09-26 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2023-09-26 19:39:20
[slackware-security] mozilla-thunderbird
2023-09-30 21:42:55
kaspersky
kaspersky
KLA60813 Multiple vulnerabilities in Mozilla Firefox ESR
2023-09-26 00:00:00
KLA60814 Multiple vulnerabilities in Mozilla Thunderbird
2023-09-26 00:00:00
KLA60812 Multiple vulnerabilities in Mozilla Firefox
2023-09-26 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2023-10-03 00:00:00
Thunderbird vulnerabilities
2023-10-03 00:00:00
Firefox regressions
2023-10-11 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: firefox-118.0.1-4.fc39
2023-10-05 21:16:09
[SECURITY] Fedora 38 Update: libvpx-1.13.0-5.fc38
2023-10-01 04:55:42
prion
prion
Memory corruption
2023-09-27 15:19:00
Out-of-bounds
2023-09-27 15:19:00
Design/Logic Flaw
2023-09-27 15:19:00
alpinelinux
alpinelinux
debiancve
debiancve
veracode
veracode
Denial Of Service (DoS)
2023-10-02 19:12:51
Denial Of Service (DoS)
2023-10-02 19:13:37
Memory Corruptions
2023-10-02 19:12:45
ubuntucve
ubuntucve
redhatcve
redhatcve
cvelist
cvelist
cve
cve
cnvd
cnvd
Mozilla Firefox Memory Corruption Vulnerability (CNVD-2023-74540)
2023-10-07 00:00:00
github
github
Electron affected by libvpx's heap buffer overflow in vp8 encoding
2023-09-28 18:30:45
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Webmproject Libvpx
2023-10-06 10:43:38
Exploit for Out-of-bounds Write in Webmproject Libvpx
2023-10-06 11:01:08
f5
f5
K000137105 : libvpx vulnerability CVE-2023-5217
2023-10-03 00:00:00
mscve
mscve
Chromium: CVE-2023-5217 Heap buffer overflow in vp8 encoding in libvpx
2023-09-29 16:24:54
freebsd
freebsd
electron{22,24,25} -- Heap buffer overflow in vp8 encoding in libvpx
2023-09-28 00:00:00
cisa_kev
cisa_kev
Google Chromium libvpx Heap Buffer Overflow Vulnerability
2023-10-02 00:00:00
malwarebytes
malwarebytes
Update Chrome now! Google patches another actively exploited vulnerability
2023-09-29 11:15:00