54 matches found
MiracleLinux 9 : firefox-102.4.0-1.el9.ML.1 (AXSA:2023-4980:05)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-4980:05 advisory. Mozilla: Same-origin policy violation could have leaked cross-origin URLs CVE-2022-42927 Mozilla: Memory Corruption in JS Engine CVE-2022-42928...
Amazon Linux 2 : firefox (ALASFIREFOX-2023-010)
The version of firefox installed on the remote host is prior to 102.4.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2023-010 advisory. 2023-09-27: CVE-2021-28429 was added to this advisory. Integer overflow vulnerability in avtimecodemakestring in...
CVE-2022-42927
A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via performance.getEntries. This vulnerability affects Firefox 106, Firefox ESR 102.4, and Thunderbird 102.4...
CVE-2022-42927
A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via performance.getEntries. This vulnerability affects Firefox 106, Firefox ESR 102.4, and Thunderbird 102.4...
CVE-2022-42927
CVE-2022-42927 is a same-origin policy violation that could leak cross-origin URL entries and the redirect result via performance.getEntries(). Connected sources confirm impact on Firefox before version 106, Firefox ESR before 102.4, and Thunderbird before 102.4. Mitigations referenced include up...
Ubuntu: Security Advisory (USN-5724-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-5709-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security fix for the ALT Linux 10 package firefox-esr version 102.4.0-alt1
102.4.0-alt1 built Nov. 10, 2022 Andrey Cherepanov in task 309056 Oct. 24, 2022 Pavel Vasenkov - New ESR version. - Security fixes: + CVE-2022-42927 Same-origin policy violation could have leaked cross-origin URLs + CVE-2022-42928 Memory Corruption in JS Engine + CVE-2022-42929 Denial of Service...
Ubuntu: Security Advisory (USN-5709-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5709-1: Firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2022-42927, CVE-2022-42928,...
Scientific Linux Security Update : thunderbird on SL7.x x86_64 (2022:7184)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:7184-1 advisory. - Mozilla: Matrix SDK bundled with Thunderbird vulnerable to an impersonation attack by malicious server administrators CVE-2022-39249 - Mozilla:...
[SECURITY] [DLA 3170-1] thunderbird security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3170-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 30, 2022 https://wiki.debian.org/LTS -...
Debian dla-3170 : thunderbird - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3170 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3170-1 [email protected]...
Debian: Security Advisory (DSA-5262-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-5262-1 : thunderbird - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5262 advisory. - A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via performance.getEntries...
[SECURITY] [DSA 5262-1] thunderbird security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5262-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 27, 2022 https://www.debian.org/security/faq -...
CVE-2022-42927
A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via performance.getEntries. This vulnerability affects Firefox 106, Firefox ESR 102.4, and Thunderbird 102.4...
SUSE SLES12: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2022:3719-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3719-1 advisory. Updated to version 102.4.0 ESR bsc1204421: - CVE-2022-42927: Fixed same-origin policy violation that could have leaked cross-origin...
SUSE SLED15: MozillaFirefox / MozillaFirefox-branding-upstream / etc (SUSE-SU-2022:3726-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3726-1 advisory. - Updated to version 102.4.0 ESR bsc1204421 - CVE-2022-42927: Fixed same-origin policy violation...
SUSE: Security Advisory (SUSE-SU-2022:3726-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...