Mozilla多款产品 安全漏洞

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An information disclosure vulnerability exists in several Mozilla produc...

[SECURITY] Fedora 42 Update: golang-github-tetratelabs-wazero-1.11.0-1.fc42

WebAssembly is a way to safely run code compiled in other languages. Runtimes execute WebAssembly Modules Wasm, which are most often binaries with a .wasm extension. wazero is a WebAssembly Core Specification 1.0 and 2.0 compliant runtime written in Go. It has zero dependencies, and doesn't rely ...

MiracleLinux 8 : firefox-102.14.0-1.el8.ML.1 (AXSA:2023-6318:29)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6318:29 advisory. Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions CVE-2023-4045 Mozilla: Incorrect value used during WASM compilation...

MiracleLinux 7 : java-11-openjdk-11.0.23.0.9-2.el7 (AXSA:2024-7701:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7701:06 advisory. OpenJDK: long Exception message leading to crash 8319851 CVE-2024-21011 OpenJDK: integer overflow in C1 compiler address generation 8322122...

MiracleLinux 9 : firefox-102.14.0-1.el9.ML.1 (AXSA:2023-6315:28)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6315:28 advisory. Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions CVE-2023-4045 Mozilla: Incorrect value used during WASM compilation...

MiracleLinux 7 : java-11-openjdk-11.0.16.0.8-1.el7 (AXSA:2022-3588:09)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3588:09 advisory. OpenJDK: integer truncation issue in Xalan-J JAXP, 8285407 CVE-2022-34169 OpenJDK: class compilation issue Hotspot, 8281859 CVE-2022-21540 OpenJDK:...

MiracleLinux 9 : java-11-openjdk-11.0.23.0.9-3.el9.ML.1 (AXSA:2024-7717:10)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7717:10 advisory. OpenJDK: long Exception message leading to crash 8319851 CVE-2024-21011 OpenJDK: integer overflow in C1 compiler address generation 8322122...

MiracleLinux 9 : c-ares-1.19.1-1.el9 (AXSA:2023-6745:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6745:04 advisory. c-ares: buffer overflow in configsortlist due to missing string length check CVE-2022-4904 c-ares: Buffer Underwrite in aresinetnetpton CVE-2023-311...

MiracleLinux 8 : java-17-openjdk-17.0.4.0.8-2.el8 (AXSA:2022-3706:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3706:04 advisory. OpenJDK: integer truncation issue in Xalan-J JAXP, 8285407 CVE-2022-34169 OpenJDK: class compilation issue Hotspot, 8281859 CVE-2022-21540 OpenJDK:...

MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.342.b07-2.el8 (AXSA:2022-3696:07)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3696:07 advisory. OpenJDK: integer truncation issue in Xalan-J JAXP, 8285407 CVE-2022-34169 OpenJDK: class compilation issue Hotspot, 8281859 CVE-2022-21540 OpenJDK:...

MiracleLinux 8 : nodejs:18 (AXSA:2023-6227:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6227:01 advisory. c-ares: 0-byte UDP payload Denial of Service CVE-2023-32067 c-ares: buffer overflow in configsortlist due to missing string length check CVE-2022-49...

MiracleLinux 9 : thunderbird-102.14.0-1.el9.ML.1 (AXSA:2023-6344:22)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6344:22 advisory. Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions CVE-2023-4045 Mozilla: Incorrect value used during WASM compilation...

MiracleLinux 8 : firefox-102.9.0-3.el8.ML.1 (AXSA:2023-5235:13)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5235:13 advisory. Mozilla: Incorrect code generation during JIT compilation CVE-2023-25751 Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9...

MiracleLinux 9 : nodejs:18 (AXSA:2023-6083:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6083:01 advisory. c-ares: 0-byte UDP payload Denial of Service CVE-2023-32067 c-ares: Buffer Underwrite in aresinetnetpton CVE-2023-31130 c-ares: Insufficient...

MiracleLinux 8 : nodejs:16 (AXSA:2023-6226:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6226:01 advisory. c-ares: 0-byte UDP payload Denial of Service CVE-2023-32067 c-ares: Buffer Underwrite in aresinetnetpton CVE-2023-31130 c-ares: Insufficient...

MiracleLinux 9 : nodejs-16.19.1-2.el9 (AXSA:2023-6034:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6034:01 advisory. c-ares: 0-byte UDP payload Denial of Service CVE-2023-32067 c-ares: Buffer Underwrite in aresinetnetpton CVE-2023-31130 c-ares: Insufficient...

MiracleLinux 8 : java-11-openjdk-11.0.16.0.8-1.el8 (AXSA:2022-3697:10)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3697:10 advisory. OpenJDK: integer truncation issue in Xalan-J JAXP, 8285407 CVE-2022-34169 OpenJDK: class compilation issue Hotspot, 8281859 CVE-2022-21540 OpenJDK:...

MiracleLinux 7 : firefox-102.14.0-1.0.1.el7.AXS7 (AXSA:2023-6310:27)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6310:27 advisory. Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions CVE-2023-4045 Mozilla: Incorrect value used during WASM compilation...

Double Free

Overview Affected versions of this package are vulnerable to Double Free in the Regexp compilation process. An attacker can execute arbitrary code or cause a denial of service by supplying a specially crafted regular expression source string. Remediation A fix was pushed into the master branch bu...

MiracleLinux 9 : tomcat-9.0.87-2.el9_5.1 (AXSA:2025-9840:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9840:01 advisory. tomcat: RCE due to TOCTOU issue in JSP compilation CVE-2024-50379 tomcat: Potential RCE and/or information disclosure and/or information corruption...