RHEL 8 : firefox (RHSA-2022:7066)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:7066 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

Debian DSA-5259-1 : firefox-esr - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5259 advisory. - A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via performance.getEntries...

ALSA-2022:7071 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.4.0 ESR. Security Fixes: Mozilla: Same-origin policy violation could have leaked cross-origin URLs CVE-2022-42927 Mozilla: Memory Corruption ...

RHEL 7 : firefox (RHSA-2022:7069)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:7069 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

RHEL 9 : firefox (RHSA-2022:7071)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:7071 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

RHEL 8 : firefox (RHSA-2022:7068)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:7068 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.4.0 ESR. Security Fixes: Mozilla: Same-origin policy violation could have leaked cross-origin URLs CVE-2022-42927 Mozilla: Memory Corruption ...

CVE-2022-42927

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a same-origin policy violation that could have allowed the theft of cross-origin URL entries, leaking the result of a redirect via performance.getEntries...

Mozilla Firefox ESR Security Advisory (MFSA2022-44) - Mac OS X

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

Mozilla Firefox Security Advisory (MFSA2022-44) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

Mageia: Security Advisory (MGASA-2022-0378)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated firefox packages fix security vulnerability

A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via performance.getEntries CVE-2022-42927. Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to...

Mozilla Firefox ESR < 102.4

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 102.4. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-45 advisory. - Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Firef...

Security Vulnerabilities fixed in Firefox 106 — Mozilla

A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via performance.getEntries. Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to memory corruption...

Security Vulnerabilities fixed in Thunderbird 102.4 — Mozilla

A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via performance.getEntries. Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to memory corruption...

Security Vulnerabilities fixed in Firefox ESR 102.4 — Mozilla

A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via performance.getEntries. Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to memory corruption...

Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2022-291-02)

The version of mozilla-firefox installed on the remote host is prior to 102.4.0esr / 106.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-291-02 advisory. - A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the...

Mozilla Firefox ESR < 102.4

The version of Firefox ESR installed on the remote Windows host is prior to 102.4. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-45 advisory. - Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105 and...

Mozilla Firefox < 106.0

The version of Firefox installed on the remote Windows host is prior to 106.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-44 advisory. - Mozilla developers Timothy Nikkel, Ashley Hale, and the Mozilla Fuzzing Team reported memory safety bugs present in...

Blog2Social < 6.9.10 - Subscriber+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by any authenticated users, such as subscribers PoC Run the script below in the web browser console while being logged in as a subscriber and on the Blog2Social...