Unbreakable Enterprise kernel-container security update

5.4.17-2136.331.7.el7 - Revert 'tracing/trigger: Fix to return error if failed to alloc snapshot' Siddh Raman Pant - Revert 'selftests: mm: fix maphugetlb failure on 64K page size systems' Harshit Mogalapalli Orabug: 36584568 - Revert 'net/mlx5: Enable SW-defined RoCEv2 UDP source port' Arumugam...

Amazon Linux 2 : firefox (ALASFIREFOX-2024-024)

The version of firefox installed on the remote host is prior to 115.10.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2024-024 advisory. An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript...

CentOS 8 : firefox (CESA-2024:1912)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2024:1912 advisory. - The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This...

CentOS 7 : thunderbird (RHSA-2024:1935)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1935 advisory. - The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This...

USN-6750-1 thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

Ubuntu 20.04 LTS : Firefox vulnerabilities (USN-6747-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6747-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially explo...

AlmaLinux 9 : firefox (ALSA-2024:1908)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:1908 advisory. - The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This...

Mozilla: GetBoundName in the JIT returned the wrong object

The Mozilla Foundation Security Advisory describes this flaw as: GetBoundName could return the wrong version of an object when JIT optimizations were applied...

Mozilla: GetBoundName in the JIT returned the wrong object

The Mozilla Foundation Security Advisory describes this flaw as: GetBoundName could return the wrong version of an object when JIT optimizations were applied...

Mozilla: GetBoundName in the JIT returned the wrong object

The Mozilla Foundation Security Advisory describes this flaw as: GetBoundName could return the wrong version of an object when JIT optimizations were applied...

Mozilla: GetBoundName in the JIT returned the wrong object

The Mozilla Foundation Security Advisory describes this flaw as: GetBoundName could return the wrong version of an object when JIT optimizations were applied...

Fedora 38 : firefox (2024-966e16bfa3)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-966e16bfa3 advisory. - New upstream release 125.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...

Incorrect Return Value

firefox is vulnerable to Incorrect Return Value . The vulnerability is due to the incorrect handling of JIT optimizations, allows for the incorrect return of object versions by the GetBoundName function...

Mozilla Thunderbird < 115.10

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 115.10. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-20 advisory. - The executable file warning was not presented when downloading .xrm-ms files. Note: This issue only...

Debian dla-3790 : firefox-esr - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3790 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3790-1 [email protected]...

Mozilla: GetBoundName in the JIT returned the wrong object

The Mozilla Foundation Security Advisory describes this flaw as: GetBoundName could return the wrong version of an object when JIT optimizations were applied...

Mozilla: GetBoundName in the JIT returned the wrong object

The Mozilla Foundation Security Advisory describes this flaw as: GetBoundName could return the wrong version of an object when JIT optimizations were applied...

Mozilla: GetBoundName in the JIT returned the wrong object

The Mozilla Foundation Security Advisory describes this flaw as: GetBoundName could return the wrong version of an object when JIT optimizations were applied...

CVE-2024-3852

The Mozilla Foundation Security Advisory describes this flaw as: GetBoundName could return the wrong version of an object when JIT optimizations were applied...

Mozilla: GetBoundName in the JIT returned the wrong object

The Mozilla Foundation Security Advisory describes this flaw as: GetBoundName could return the wrong version of an object when JIT optimizations were applied...