18 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-0239
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site. This vulnerability was fixed in...
firefox security update
128.6.0-1.0.1 - Update to 128.6.0 build1 Orabug: 37460830CVE-2025-0237CVE-2025-0238 CVE-2025-0239CVE-2025-0240CVE-2025-0241CVE-2025-0242CVE-2025-0243 - Enable PipeWire camera support for RHEL 10 + backport upstream fixes for PipeWire camera support Fixes: RHEL-64749...
MozillaThunderbird-128.6.0-1.1 on GA media (moderate)
MozillaThunderbird-128.6.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:14648-1 Rating: moderate Cross-References: CVE-2025-0237 CVE-2025-0238 CVE-2025-0239 CVE-2025-0240 CVE-2025-0241 CVE-2025-0242 CVE-2025-0243 CVSS scores: CVE-2025-0237 SUSE : 5.4...
RockyLinux 8 : firefox (RLSA-2025:0144)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:0144 advisory. firefox: Use-after-free when breaking lines in text CVE-2025-0238 firefox: Memory corruption when using JavaScript Text Segmentation CVE-2025-0241 firefo...
SUSE-SU-2025:0059-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 128.6.0 ESR Fixed: Various security fixes. MFSA 2025-02 bsc1234991 CVE-2025-0237 bmo1915257 WebChannel APIs susceptible to confused deputy attack CVE-2025-0238 bmo1915535 Use-after-free when breaking lin...
AlmaLinux 9 : firefox (ALSA-2025:0080)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:0080 advisory. firefox: Use-after-free when breaking lines in text CVE-2025-0238 firefox: Memory corruption when using JavaScript Text Segmentation CVE-2025-0241 firefox...
RHEL 9 : firefox (RHSA-2025:0135)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:0135 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
RHEL 9 : firefox (RHSA-2025:0162)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:0162 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
RHEL 8 : firefox (RHSA-2025:0134)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:0134 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
Mozilla Firefox ESR Security Update (mfsa_2025-02) - Windows
Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
Mozilla Firefox ESR Security Update (mfsa_2025-02) - Mac OS X
Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
CVE-2025-0239
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site...
CVE-2025-0239
When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site. This vulnerability affects Firefox 134, Firefox ESR 128.6, Thunderbird 134, and Thunderbird 128.6...
CVE-2025-0239
When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site. This vulnerability affects Firefox 134, Firefox ESR 128.6, Thunderbird 134, and Thunderbird 128.6...
CVE-2025-0239 vulnerabilities
Vulnerabilities for packages: firefox...
CVE-2025-0239
When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site. This vulnerability was fixed in Firefox 134, Firefox ESR 128.6, Thunderbird 134, and Thunderbird 128.6...
CVE-2025-0239 Alt-Svc ALPN validation failure when redirected
When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site. This vulnerability was fixed in Firefox 134, Firefox ESR 128.6, Thunderbird 134, and Thunderbird 128.6...
CVE-2025-0239
CVE-2025-0239 affects Mozilla Firefox and Thunderbird components via Alt-Svc with ALPN: certificates were not properly validated when the original server redirects to an insecure site. Affected versions are Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird