Lucene search
RedHatRHSA-2023:5477HistoryOct 05, 2023 - 1:52 p.m.
(RHSA-2023:5477) Important: firefox security update
2023-10-0513:52:42
access.redhat.com
18
mozilla
cve-2023-3600
security update
0.245 Low
EPSS
Percentile
96.7%
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 115.3.1 ESR.
Security Fix(es):
-
firefox: use-after-free in workers (CVE-2023-3600)
-
Mozilla: Out-of-bounds write in PathOps (CVE-2023-5169)
-
Mozilla: Use-after-free in Ion Compiler (CVE-2023-5171)
-
Mozilla: Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 (CVE-2023-5176)
-
libvpx: Heap buffer overflow in vp8 encoding in libvpx (CVE-2023-5217)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | ppc64 | firefox-debuginfo | < 115.3.1-1.el7_9 | firefox-debuginfo-115.3.1-1.el7_9.ppc64.rpm |
| RedHat | 7 | ppc64le | firefox | < 115.3.1-1.el7_9 | firefox-115.3.1-1.el7_9.ppc64le.rpm |
| RedHat | 7 | ppc64 | firefox | < 115.3.1-1.el7_9 | firefox-115.3.1-1.el7_9.ppc64.rpm |
| RedHat | 7 | s390x | firefox | < 115.3.1-1.el7_9 | firefox-115.3.1-1.el7_9.s390x.rpm |
| RedHat | 7 | x86_64 | firefox-debuginfo | < 115.3.1-1.el7_9 | firefox-debuginfo-115.3.1-1.el7_9.x86_64.rpm |
| RedHat | 7 | x86_64 | firefox | < 115.3.1-1.el7_9 | firefox-115.3.1-1.el7_9.x86_64.rpm |
| RedHat | 7 | ppc64le | firefox-debuginfo | < 115.3.1-1.el7_9 | firefox-debuginfo-115.3.1-1.el7_9.ppc64le.rpm |
| RedHat | 7 | s390x | firefox-debuginfo | < 115.3.1-1.el7_9 | firefox-debuginfo-115.3.1-1.el7_9.s390x.rpm |
| RedHat | 7 | i686 | firefox | < 115.3.1-1.el7_9 | firefox-115.3.1-1.el7_9.i686.rpm |
| RedHat | 7 | i686 | firefox-debuginfo | < 115.3.1-1.el7_9 | firefox-debuginfo-115.3.1-1.el7_9.i686.rpm |
Related
nessus
nessus
RHEL 8 : firefox (RHSA-2023:5433)
2023-10-04 00:00:00
RHEL 8 : thunderbird (RHSA-2023:5438)
2023-10-04 00:00:00
AlmaLinux 8 : firefox (ALSA-2023:5433)
2023-10-10 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2023-10-13 00:00:00
firefox security update
2023-10-13 00:00:00
thunderbird security update
2023-10-06 00:00:00
almalinux
almalinux
Important: firefox security update
2023-10-04 00:00:00
Important: thunderbird security update
2023-10-04 00:00:00
osv
osv
Important: thunderbird security update
2023-10-05 21:35:15
Important: thunderbird security update
2023-10-04 00:00:00
Important: thunderbird security update
2023-10-05 21:35:58
redhat
redhat
(RHSA-2023:5475) Important: thunderbird security update
2023-10-05 13:52:19
(RHSA-2023:5426) Important: firefox security update
2023-10-04 10:43:29
(RHSA-2023:5433) Important: firefox security update
2023-10-04 10:50:52
mageia
mageia
Updated Firefox and Thunderbird packages fix security vulnerabilities
2023-10-10 20:21:41
rocky
rocky
thunderbird security update
2023-10-05 21:35:58
thunderbird security update
2023-10-05 21:35:15
openvas
openvas
Debian: Security Advisory (DLA-3601-1)
2023-10-09 00:00:00
Debian: Security Advisory (DSA-5513-1)
2023-10-04 00:00:00
Mageia: Security Advisory (MGASA-2023-0285)
2023-10-11 00:00:00
debian
debian
[SECURITY] [DLA 3601-1] thunderbird security update
2023-10-09 13:53:15
[SECURITY] [DLA 3587-1] firefox-esr security update
2023-09-29 12:33:11
[SECURITY] [DSA 5506-1] firefox-esr security update
2023-09-28 18:46:14
slackware
slackware
[slackware-security] mozilla-firefox
2023-09-26 19:39:20
[slackware-security] libvpx
2023-09-30 21:42:24
[slackware-security] mozilla-firefox
2023-09-28 21:46:24
kaspersky
kaspersky
KLA60813 Multiple vulnerabilities in Mozilla Firefox ESR
2023-09-26 00:00:00
KLA60814 Multiple vulnerabilities in Mozilla Thunderbird
2023-09-26 00:00:00
KLA60821 DoS vulnerability in Mozilla Firefox ESR
2023-09-28 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 115.3 — Mozilla
2023-09-26 00:00:00
Security Vulnerabilities fixed in Thunderbird 115.3 — Mozilla
2023-09-26 00:00:00
Security Vulnerabilities fixed in Firefox 118 — Mozilla
2023-09-26 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2023-10-03 00:00:00
Firefox vulnerabilities
2023-10-03 00:00:00
Firefox regressions
2023-10-11 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: firefox-118.0.1-4.fc39
2023-10-05 21:16:09
[SECURITY] Fedora 38 Update: libvpx-1.13.0-5.fc38
2023-10-01 04:55:42
veracode
veracode
Denial Of Service (DoS)
2023-10-02 19:13:37
Use After Free
2023-08-06 06:38:42
Heap Buffer Overflow
2023-10-02 19:10:55
cvelist
cvelist
prion
prion
Out-of-bounds
2023-09-27 15:19:00
Design/Logic Flaw
2023-09-27 15:19:00
Memory corruption
2023-09-27 15:19:00
redhatcve
redhatcve
nvd
nvd
cnvd
cnvd
Mozilla Firefox Memory Corruption Vulnerability (CNVD-2023-74540)
2023-10-07 00:00:00
debiancve
debiancve
CVE-2023-5176
2023-09-27 15:19:42
CVE-2023-5171
2023-09-27 15:19:42
cve
cve
alpinelinux
alpinelinux
ubuntucve
ubuntucve
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Webmproject Libvpx
2023-10-06 05:46:16
Exploit for Out-of-bounds Write in Webmproject Libvpx
2023-10-06 10:43:38
github
github
Electron affected by libvpx's heap buffer overflow in vp8 encoding
2023-09-28 18:30:45