46 matches found
MiracleLinux 8 : firefox-91.11.0-2.el8.ML.1 (AXSA:2022-3746:19)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3746:19 advisory. Mozilla: CSP sandbox header without allow-scripts can be bypassed via retargeted javascript: URI CVE-2022-34468 Mozilla: Use-after-free in nsSHistor...
MiracleLinux 9 : firefox-91.11.0-2.el9.ML.1 (AXSA:2022-4023:32)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-4023:32 advisory. Mozilla: CSP sandbox header without allow-scripts can be bypassed via retargeted javascript: URI CVE-2022-34468 Mozilla: Use-after-free in nsSHistor...
CVE-2022-31744
An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page's Content Security Policy. This vulnerability affects Firefox ESR 91.11, Thunderbird 102, Thunderbird 91.11, and Firefox 101...
CVE-2022-31744
An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page's Content Security Policy. This vulnerability affects Firefox ESR 91.11, Thunderbird 102, Thunderbird 91.11, and Firefox 101...
CVE-2022-31744
CVE-2022-31744 involves an CSS injection flaw that could let an attacker inject CSS into stylesheets accessible via internal URIs (e.g., resource:) and bypass a page's Content Security Policy. Affected products include Firefox ESR < 91.11, Thunderbird < 102, Thunderbird < 91.11, and Fire...
SUSE SLED15: MozillaThunderbird / MozillaThunderbird-translations-common / etc (SUSE-SU-2022:3281-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3281-1 advisory. Updated to Mozilla Thunderbird 102.2.2: - CVE-2022-3033: Fixed leaking of sensitive information...
CentOS: Security Advisory for thunderbird (CESA-2022:5480)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CentOS: Security Advisory for firefox (CESA-2022:5479)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2022:2313-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2022:2289-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2289-1 advisory. - If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object...
SUSE: Security Advisory (SUSE-SU-2022:2320-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2022:2313-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2313-1 advisory. - If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes o...
openSUSE: Security Advisory for MozillaThunderbird (SUSE-SU-2022:2320-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE: Security Advisory for MozillaFirefox (SUSE-SU-2022:2313-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED15 / SLES15 Security Update : MozillaThunderbird (SUSE-SU-2022:2320-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2320-1 advisory. - If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes o...
Oracle Linux 9 : firefox (ELSA-2022-5481)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-5481 advisory. 91.11.0-2.0.1 - Replaced upstream package with oracle-indexhtml Orabug: 33802044 - Add firefox-oracle-default-prefs.js and remove the corresponding Red...
Mozilla Thunderbird Security Advisory (MFSA2022-26) - Windows
Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...
SUSE: Security Advisory (SUSE-SU-2022:2289-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-5175-1 : thunderbird - security update
The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5175 advisory. Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. For the oldstable...
Scientific Linux Security Update : firefox on SL7.x i686/x86_64 (2022:5479)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:5479-1 advisory. - Mozilla: CSP sandbox header without allow-scripts can be bypassed via retargeted javascript: URI CVE-2022-34468 - Mozilla: Use-after-free in...