MiracleLinux 7 : firefox-91.11.0-2.0.1.el7.AXS7 (AXSA:2022-3440:15)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3440:15 advisory. Mozilla: CSP sandbox header without allow-scripts can be bypassed via retargeted javascript: URI CVE-2022-34468 Mozilla: Use-after-free in nsSHistor...

SUSE CVE-2022-26383

When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification. This vulnerability affects Firefox 98, Firefox ESR 91.7, and Thunderbird 91.7...

DEBIAN-CVE-2022-34479

A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks. This bug only affects Thunderbird for Linux. Other operating systems are unaffected.. This vulnerability affects...

DEBIAN-CVE-2022-26383

When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification. This vulnerability affects Firefox 98, Firefox ESR 91.7, and Thunderbird 91.7...

CVE-2022-26383

When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification. This vulnerability affects Firefox 98, Firefox ESR 91.7, and Thunderbird 91.7...

CVE-2022-22741

CVE-2022-22741 : A fullscreen-related issue in Firefox/Thunderbird where resizing a popup while requesting fullscreen could trap the popup in fullscreen and prevent exit. Affected: Firefox ESR < 91.5, Firefox < 96, Thunderbird

CVE-2022-34479

A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks. This bug only affects Thunderbird for Linux. Other operating systems are unaffected.. This vulnerability affects...

Debian DLA-2942-1 : firefox-esr - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2942 advisory. - If an attacker could control the contents of an iframe sandboxed with allow-popups but not allow-scripts, they were able to craft a link that, when clicked, woul...

UBUNTU-CVE-2022-26383

When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification. This vulnerability affects Firefox 98, Firefox ESR 91.7, and Thunderbird 91.7...

CVE-2022-22741

When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

UBUNTU-CVE-2022-22741

When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

Mozilla: Browser window spoof using fullscreen mode

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: When resizing a popup and requesting fullscreen access, the popup would have become unable to leave fullscreen mode...