56 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-25728
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Content-Security-Policy-Report-Only header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe triggers a...
openSUSE: Security Advisory for MozillaFirefox (SUSE-SU-2023:0461-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-25728
creationtimestamp| type| source ---|---|--- 2023-06-02 20:36:49+00:00| seen| https://t.me/cibsecurity/64908...
CVE-2023-25728
The Content-Security-Policy-Report-Only header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe triggers a redirect. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
CVE-2023-25728
The Content-Security-Policy-Report-Only header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe triggers a redirect. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
CVE-2023-25728
The CVE-2023-25728 entry describes a CSP-Report-Only header issue where an attacker could leak a child iframe’s unredacted URI during a redirect, affecting Firefox < 110, Thunderbird < 102.8, and Firefox ESR
SUSE: Security Advisory (SUSE-SU-2023:0466-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2023-0057)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security fix for the ALT Linux 10 package firefox-esr version 102.8.0-alt1
102.8.0-alt1 built March 15, 2023 Pavel Vasenkov in task 316239 March 3, 2023 Pavel Vasenkov - New ESR version. - Security fixes + CVE-2023-25728 Content security policy leak in violation reports using iframes + CVE-2023-25730 Screen hijack via browser fullscreen mode + CVE-2023-0767 Arbitrary...
Security fix for the ALT Linux 10 package thunderbird version 102.8.0-alt1
102.8.0-alt1 built March 10, 2023 Pavel Vasenkov in task 316084 Feb. 28, 2023 Pavel Vasenkov - New version. - Security fixes: + CVE-2023-0616 User Interface lockup with messages combining S/MIME and OpenPGP + CVE-2023-25728 Content security policy leak in violation reports using iframes +...
Mozilla Firefox Security Advisories (MFSA2023-04, MFSA2023-06) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
SUSE SLED15: MozillaThunderbird / MozillaThunderbird-translations-common / etc (SUSE-SU-2023:0599-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0599-1 advisory. Updated Mozilla Thunderbird to version 102.8.0 bsc1208144: - CVE-2023-0616: Fixed User Interface...
Ubuntu: Security Advisory (USN-5880-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
AlmaLinux 9 : thunderbird (ALSA-2023:0824)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:0824 advisory. - Mozilla: User Interface lockup with messages combining S/MIME and OpenPGP CVE-2023-0616 - An attacker could construct a PKCS 12 cert bundle in such a wa...
CentOS: Security Advisory for firefox (CESA-2023:0812)
The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CentOS: Security Advisory for thunderbird (CESA-2023:0817)
The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
thunderbird security update
CentOS Errata and Security Advisory CESA-2023:0817 An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
RLSA-2023:0810 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.8.0 ESR. Security Fixes: Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation...
Rocky Linux 9 : thunderbird (RLSA-2023:0824)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0824 advisory. - Mozilla developers Philipp and Gabriele Svelto reported memory safety bugs present in Firefox ESR 102.7. Some of these bugs showed evidence of memory...
CentOS 7 : firefox (RHSA-2023:0812)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0812 advisory. - The Content-Security-Policy-Report-Only header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe...