1402 matches found

Debian CVE
added 2021/12/08 9:20 p.m. | 21 views

CVE-2021-43535

A use-after-free could have occurred when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 93, Thunderbird 91.3, and Firefox ESR 91.3...

8.8 CVSS | 9.3 AI score | 0.01186 EPSS
Exploits 0

AlpineLinux
added 2021/12/08 9:20 p.m. | 35 views

CVE-2021-43535

A use-after-free could have occurred when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 93, Thunderbird 91.3, and Firefox ESR 91.3...

8.8 CVSS | 9.1 AI score | 0.01186 EPSS
Exploits 0

CVE
added 2021/12/08 9:20 p.m. | 163 views

CVE-2021-43535

CVE-2021-43535 is a memory-safety vulnerability in Mozilla browsers where an HTTP2 session object could be released on a different thread, causing use-after-free, memory corruption, and a potentially exploitable crash. The consolidated information across sources indicates the issue affects Firefo...

8.8 CVSS | 8.8 AI score | 0.01186 EPSS
Exploits 0 | References 8 | Affected Software 3

Cvelist
added 2021/12/08 9:20 p.m. | 23 views

CVE-2021-43535

A use-after-free could have occurred when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 93, Thunderbird 91.3, and Firefox ESR 91.3...

9.2 AI score | 0.01186 EPSS
Exploits 0 | References 8

OSV
added 2021/12/07 7:57 a.m. | 6 views

SUSE-SU-2021:3964-1 Security update for nodejs14

This update for nodejs14 fixes the following issues: nodejs14 was updated to 14.18.1: deps: update llhttp to 2.1.4 - HTTP Request Smuggling due to spaces in headers bsc1191601, CVE-2021-22959 - HTTP Request Smuggling when parsing the body bsc1191602, CVE-2021-22960 Changes in 14.18.0: buffer: +...

8.6 CVSS | 7.4 AI score | 0.00718 EPSS
Exploits 2 | References 15

OPENSUSE Linux
added 2021/12/07 12:0 a.m. | 41 views

Security update for nodejs14 (important)

openSUSE Security Update: Security update for nodejs14 Announcement ID: openSUSE-SU-2021:3964-1 Rating: important References: 1190053 1190054 1190055 1190056 1190057 1191601 1191602 Cross-References: CVE-2021-22959 CVE-2021-22960 CVE-2021-37701 CVE-2021-37712 CVE-2021-37713 CVE-2021-39134...

8.1 CVSS | 6.7 AI score | 0.00718 EPSS
Exploits 2 | References 7

Tenable Nessus
added 2021/11/20 12:0 a.m. | 43 views

SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2021:3745-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3745-1 advisory. - The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing...

10 CVSS | 7.5 AI score | 0.01293 EPSS
Exploits 0 | References 18

Cent OS
added 2021/11/17 3:26 p.m. | 65 views

thunderbird security update

CentOS Errata and Security Advisory CESA-2021:4134 An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

10 CVSS | 7.1 AI score | 0.01293 EPSS
Exploits 0 | References 7

Cent OS
added 2021/11/17 3:24 p.m. | 93 views

firefox security update

CentOS Errata and Security Advisory CESA-2021:4116 An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

10 CVSS | 6.7 AI score | 0.01293 EPSS
Exploits 0 | References 7

Tenable Nessus
added 2021/11/17 12:0 a.m. | 53 views

CentOS 7 : thunderbird (RHSA-2021:4134)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4134 advisory. - The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or...

10 CVSS | 8.3 AI score | 0.01293 EPSS
Exploits 0 | References 10

Check Point Advisories
added 2021/11/14 12:0 a.m. | 4 views

Apache Tomcat Denial of Service (CVE-2020-11996)

A denial of service vulnerability exists in Apache Tomcat. A remote, unauthenticated attacker could exploit this vulnerability by sending a specially crafted HTTP2 packet to a vulnerable server. Successful exploitation of this vulnerability could result in denial of service conditions...

5 CVSS | 7.3 AI score | 0.45121 EPSS
Exploits 0

Tenable Nessus
added 2021/11/11 12:0 a.m. | 22 views

RHEL 8 : firefox (RHSA-2021:4607)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4607 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

10 CVSS | 7.8 AI score | 0.01293 EPSS
Exploits 0 | References 18

OSV
added 2021/11/10 10:53 p.m. | 8 views

MGASA-2021-0506 Updated thunderbird packages fix security vulnerabilities

Updated thunderbird packages fix security vulnerabilities: The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame CVE-2021-38503. When interacting with an HTML input element's...

10 CVSS | 8.5 AI score | 0.01293 EPSS
Exploits 0 | References 4

OSV
added 2021/11/10 10:53 p.m. | 8 views

MGASA-2021-0505 Updated firefox packages fix security vulnerability

The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame CVE-2021-38503. When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-fre...

10 CVSS | 8.5 AI score | 0.01293 EPSS
Exploits 0 | References 4

Mageia
added 2021/11/10 10:53 p.m. | 41 views

Updated firefox packages fix security vulnerability

The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame CVE-2021-38503. When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-fre...

10 CVSS | 9.6 AI score | 0.01293 EPSS
Exploits 0 | References 3

Mageia
added 2021/11/10 10:53 p.m. | 46 views

Updated thunderbird packages fix security vulnerabilities

Updated thunderbird packages fix security vulnerabilities: The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame CVE-2021-38503. When interacting with an HTML input element's...

10 CVSS | 9.6 AI score | 0.01293 EPSS
Exploits 0 | References 3

RedHat Linux
added 2021/11/10 9:58 a.m. | 29 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

10 CVSS | 6.7 AI score | 0.01293 EPSS
Exploits 0 | References 9

Tenable Nessus
added 2021/11/09 12:0 a.m. | 46 views

CentOS 8 : thunderbird (CESA-2021:4130)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:4130 advisory. - Mozilla: iframe sandbox rules did not apply to XSLT stylesheets CVE-2021-38503 - Mozilla: Use-after-free in file picker dialog CVE-2021-38504 -...

10 CVSS | 7.6 AI score | 0.01293 EPSS
Exploits 0 | References 7

Tenable Nessus
added 2021/11/06 12:0 a.m. | 277 views

RHEL 8 : thunderbird (RHSA-2021:4130)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4130 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.3.0. Security Fixes: Mozilla:...

10 CVSS | 7.8 AI score | 0.01293 EPSS
Exploits 0 | References 19

Tenable Nessus
added 2021/11/06 12:0 a.m. | 36 views

RHEL 8 : thunderbird (RHSA-2021:4133)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4133 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.3.0. Security Fixes: Mozilla:...

10 CVSS | 7.8 AI score | 0.01293 EPSS
Exploits 0 | References 19