Debian dla-3727 : firefox-esr - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3727 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3727-1 [email protected]...

Oracle Linux 8 : thunderbird (ELSA-2024-0609)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0609 advisory. 115.7.0-1.0.1 - Update to 115.7.0 build1 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

Oracle Linux 9 : thunderbird (ELSA-2024-0602)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0602 advisory. 115.7.0-1.0.1 - Update to 115.7.0 build1 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

RHEL 8 : thunderbird (RHSA-2024:0598)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0598 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.7.0. Security Fixes: Mozilla:...

Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2024-10441)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the U.S.A. Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is email client software that supports the IMAP and POP mail protocols as well as the HTML mail format. A...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaFirefox (SUSE-SU-2024:0229-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0229-1 advisory. - An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a...

Fedora 38 : thunderbird (2024-278a776610)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-278a776610 advisory. Update to 115.7.0 https://www.mozilla.org/en-US/security/advisories/mfsa2024-04/ https://www.thunderbird.net/en-US/thunderbird/115.7.0/releasenotes/...

CVE-2024-0753

In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...

Security Vulnerabilities fixed in Thunderbird 115.7 — Mozilla

An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after...

Mozilla Thunderbird < 115.7

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 115.7. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-04 advisory. - Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs...

GitHub Security Lab: [Java]: CWE-523 Insecure HSTS configuration

This bug was reported directly to GitHub Security Lab...