MiracleLinux 4 : firefox-78.8.0-1.0.1.AXS4 (AXSA:2021-1566:06)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1566:06 advisory. Mozilla: Content Security Policy violation report could have contained the destination of a redirect CVE-2021-23968 Mozilla: Content Security Policy...

Linux Distros Unpatched Vulnerability : CVE-2019-11756

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. This vulnerability affects...

SUSE CVE-2019-17011

Under certain conditions, when retrieving a document from a DocShell in the antitracking code, a race condition could cause a use-after-free condition and a potentially exploitable crash. This vulnerability affects Thunderbird 68.3, Firefox ESR 68.3, and Firefox 71...

SUSE CVE-2019-17012

Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird 68.3,...

SUSE CVE-2020-6825

Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary...

SUSE CVE-2020-12405

When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird 68.9.0, Firefox 77, and Firefox ESR 68.9...

SUSE CVE-2020-12426

Mozilla developers and community members reported memory safety bugs present in Firefox 77. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 78...

SUSE CVE-2020-15648

Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header. This vulnerability affects Thunderbird 78 and Firefox 78.0.2...

Mozilla: Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and Firefox ESR 91.1

Mozilla developers reported memory safety bugs present in Firefox 91 and Firefox ESR 78.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR 78.14,...

Mozilla: Incorrect instruction reordering during JIT optimization

Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and...

Mozilla: Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8

Mozilla developers reported memory safety bugs present in Firefox 85 and Firefox ESR 78.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 86, Thunderbi...

Mozilla: WebRTC permission prompt could have been bypassed by a compromised content process

When constructing a permission prompt for WebRTC, a URI was supplied from the content process. This URI was untrusted, and could have been the URI of an origin that was previously granted permission; bypassing the prompt. This vulnerability affects Firefox 78...

Mozilla: Out of bound read in Date.parse()

Due to confusion processing a hyphen character in Date.parse, a one-byte out of bounds read could have occurred, leading to potential information disclosure. This vulnerability affects Firefox 78...

Mozilla: X-Frame-Options bypass using object or embed tags

Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header. This vulnerability affects Thunderbird 78 and Firefox 78.0.2...

Mozilla: X-Frame-Options bypass using object or embed tags

Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header. This vulnerability affects Thunderbird 78 and Firefox 78.0.2...

Mozilla: X-Frame-Options bypass using object or embed tags

Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header. This vulnerability affects Thunderbird 78 and Firefox 78.0.2...

Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11

Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...

Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11

Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...

Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11

Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...

Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11

Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...