MiracleLinux 8 : firefox-115.7.0-1.el8_9.ML.1 (AXSA:2024-7500:06)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7500:06 advisory. Mozilla: Out of bounds write in ANGLE CVE-2024-0741 Mozilla: Failure to update user input timestamp CVE-2024-0742 Mozilla: Crash when listing printe...

MiracleLinux 9 : thunderbird-102.14.0-1.el9.ML.1 (AXSA:2023-6344:22)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6344:22 advisory. Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions CVE-2023-4045 Mozilla: Incorrect value used during WASM compilation...

MiracleLinux 8 : firefox-102.14.0-1.el8.ML.1 (AXSA:2023-6318:29)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6318:29 advisory. Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions CVE-2023-4045 Mozilla: Incorrect value used during WASM compilation...

MiracleLinux 8 : thunderbird-115.7.0-1.el8_9.ML.1 (AXSA:2024-7501:04)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7501:04 advisory. Mozilla: Out of bounds write in ANGLE CVE-2024-0741 Mozilla: Failure to update user input timestamp CVE-2024-0742 Mozilla: Crash when listing printe...

MiracleLinux 8 : thunderbird-102.11.0-1.el8.ML.1 (AXSA:2023-6153:18)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6153:18 advisory. Mozilla: Browser prompts could have been obscured by popups CVE-2023-32205 Mozilla: Crash in RLBox Expat driver CVE-2023-32206 Mozilla: Potential...

MiracleLinux 7 : firefox-102.11.0-2.0.1.el7.AXS7 (AXSA:2023-5464:18)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5464:18 advisory. Mozilla: Browser prompts could have been obscured by popups CVE-2023-32205 Mozilla: Crash in RLBox Expat driver CVE-2023-32206 Mozilla: Potential...

MiracleLinux 8 : firefox-115.11.0-1.el8_10.ML.1 (AXSA:2024-8466:22)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8466:22 advisory. firefox: Arbitrary JavaScript execution in PDF.js CVE-2024-4367 firefox: IndexedDB files retained in private browsing mode CVE-2024-4767 firefox:...

SUSE-SU-2024:1858-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to version 115.11 bsc1224056: - CVE-2024-4367: Arbitrary JavaScript execution in PDF.js - CVE-2024-4767: IndexedDB files retained in private browsing mode - CVE-2024-4768: Potential permissions request bypass via clickjacking -...

SUSE-SU-2024:1770-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to version 115.11.0 ESR bsc1224056: - CVE-2024-4367: Arbitrary JavaScript execution in PDF.js - CVE-2024-4767: IndexedDB files retained in private browsing mode - CVE-2024-4768: Potential permissions request bypass via clickjacking...

MGASA-2024-0191 Updated thunderbird packages fix security vulnerabilities

Arbitrary JavaScript execution in PDF.js. CVE-2024-4367 IndexedDB files retained in private browsing mode. CVE-2024-4767 Potential permissions request bypass via clickjacking. CVE-2024-4768 Cross-origin responses could be distinguished between script and non-script content-types. CVE-2024-4769...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Updated firefox/thunderbird packages fix security vulnerability

Use-after-free in workers. CVE-2023-3600 File Extension Spoofing using the Text Direction Override Character. CVE-2023-3417 Offscreen Canvas could have bypassed cross-origin restrictions. CVE-2023-4045 Incorrect value used during WASM compilation. CVE-2023-4046 Potential permissions request bypas...

RHEL 9 : thunderbird (RHSA-2023:4499)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4499 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Security Fixes: Mozilla...

SUSE-SU-2023:3163-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following security issues: Firefox was updated to Extended Support Release 115.1.0 ESR bsc1213746. - CVE-2023-4045: Fixed cross-origin restrictions bypass with Offscreen Canvas bmo1833876. - CVE-2023-4046: Fixed incorrect value used during WASM compilation...

SUSE-SU-2023:3161-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following security issues: Firefox was updated to Extended Support Release 115.1.0 ESR bsc1213746. - CVE-2023-4045: Fixed cross-origin restrictions bypass with Offscreen Canvas bmo1833876. - CVE-2023-4046: Fixed incorrect value used during WASM compilation...

SUSE-SU-2023:2175-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Extended Support Release 102.11.0 ESR bsc1211175: - CVE-2023-32205: Browser prompts could have been obscured by popups - CVE-2023-32206: Crash in RLBox Expat driver - CVE-2023-32207: Potential permissions request bypass via clickjacking -...

SUSE CVE-2013-5029

phpMyAdmin 3.5.x and 4.0.x before 4.0.5 allows remote attackers to bypass the clickjacking protection mechanism via certain vectors related to Header.class.php...