MiracleLinux 7 : firefox-102.8.0-2.0.1.el7.AXS7 (AXSA:2023-5143:11)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5143:11 advisory. Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation reports using iframes...

Important: firefox

Issue Overview: firefox-esr , thunderbird and nss only are affected by this package. CVE-2023-0767 The Mozilla Foundation Security Advisory describes this flaw as: The Content-Security-Policy-Report-Only header could allow an attacker to leak a child iframe's unredacted URI when interaction with...