44 matches found
CVE-2025-3028 vulnerabilities
Vulnerabilities for packages: firefox-esr, firefox...
MiracleLinux 9 : firefox-128.9.0-2.el9_5.ML.1 (AXSA:2025-9835:10)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9835:10 advisory. firefox: thunderbird: URL Bar Spoofing via non-BMP Unicode characters CVE-2025-3029 firefox: thunderbird: Use-after-free triggered by XSLTProcessor...
TencentOS Server 4: mozjs (TSSA-2025:0325)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0325 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 3: firefox (TSSA-2025:0308)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0308 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 3: thunderbird (TSSA-2025:0351)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0351 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Fedora 42 : firefox (2025-4e7468921a)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-4e7468921a advisory. - Updated to latest upstream 137.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...
RHEL 10 : firefox (RHSA-2025:7491)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7491 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
Important: thunderbird
Issue Overview: JavaScript code running while transforming a document with the XSLTProcessor could lead to a use-after-free. This vulnerability affects Firefox 137, Firefox ESR 115.22, Firefox ESR 128.9, Thunderbird 137, and Thunderbird 128.9. CVE-2025-3028 A crafted URL containing specific Unico...
Amazon Linux 2023 : firefox (ALAS2023-2025-943)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-943 advisory. JavaScript code running while transforming a document with the XSLTProcessor could lead to a use-after- free. This vulnerability affects Firefox 137, Firefox ESR 115.22, Firefox ESR 128.9,...
Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: URL Bar Spoofing via non-BMP Unicode characters CVE-2025-3029 firefox: thunderbird: Use-after-free triggered by XSLTProcessor CVE-2025-3028 firefox: thunderbird: Memory safety bugs fixed in Firefo...
Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: URL Bar Spoofing via non-BMP Unicode characters CVE-2025-3029 firefox: thunderbird: Use-after-free triggered by XSLTProcessor CVE-2025-3028 firefox: thunderbird: Memory safety bugs fixed in Firefo...
RHEL 8 : thunderbird (RHSA-2025:4032)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:4032 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: Use-after-free triggered by XSLTProcessor...
RHEL 8 : thunderbird (RHSA-2025:4029)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:4029 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: Use-after-free triggered by XSLTProcessor...
RHEL 9 : thunderbird (RHSA-2025:4027)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:4027 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: Use-after-free triggered by XSLTProcessor...
RHEL 9 : thunderbird (RHSA-2025:4026)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:4026 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: Use-after-free triggered by XSLTProcessor...
firefox security update
128.9.0-2.0.1 - Update to 128.9.0 build2 Orabug: 37796786CVE-2025-3028CVE-2025-3029 CVE-2025-3030...
RHEL 8 : firefox (RHSA-2025:3621)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:3621 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
libmozjs-128-0-128.9.0-1.1 on GA media (moderate)
libmozjs-128-0-128.9.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:14975-1 Rating: moderate Cross-References: CVE-2025-3028 CVSS scores: CVE-2025-3028 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can n...
openSUSE Security Advisory (SUSE-SU-2025:1157-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2025:1138-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...