MiracleLinux 9 : webkit2gtk3-2.40.5-1.el9 (AXSA:2023-6828:17)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6828:17 advisory. webkitgtk: arbitrary code execution CVE-2023-32393 webkitgtk: bypass Same Origin Policy CVE-2023-38572 webkitgtk: Processing web content may lead to...

MiracleLinux 7 : firefox-91.3.0-1.0.1.el7.AXS7 (AXSA:2021-2530:32)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2530:32 advisory. Mozilla: Use-after-free in HTTP2 Session object Mozilla: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3 Mozilla: iframe sandbox rules d...

MiracleLinux 8 : webkit2gtk3-2.40.5-1.el8.ML.1 (AXSA:2023-7260:19)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7260:19 advisory. webkitgtk: arbitrary code execution CVE-2023-32393 webkitgtk: bypass Same Origin Policy CVE-2023-38572 webkitgtk: Processing web content may lead to...

MiracleLinux 8 : webkit2gtk3-2.38.5-1.el8.ML.1 (AXSA:2023-5964:10)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5964:10 advisory. webkitgtk: use-after-free issue leading to arbitrary code execution CVE-2022-42826 webkitgtk: memory corruption issue leading to arbitrary code...

MiracleLinux 4 : firefox-60.8.0-1.0.1.AXS4 (AXSA:2019-3929:04)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-3929:04 advisory. Mozilla: Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8 CVE-2019-11709 Mozilla: Sandbox escape via installation of malicious language...

MiracleLinux 3 : firefox-17.0.8-1.0.1.AXS3, xulrunner-17.0.8-3.0.1.AXS3 (AXSA:2013-623:06)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-623:06 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...

MiracleLinux 4 : firefox-60.9.0-1.0.1.AXS4 (AXSA:2019-4316:05)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-4316:05 advisory. Mozilla: Sandbox escape through Firefox Sync CVE-2019-9812 Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9...

MiracleLinux 4 : firefox-38.2.0-4.0.1.AXS4 (AXSA:2015-442:07)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2015-442:07 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. With this update, following issues are...

MiracleLinux 4 : firefox-17.0.9-1.0.1.AXS4, xulrunner-17.0.9-1.0.1.AXS4 (AXSA:2013-625:07)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-625:07 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...

Cross-site Scripting (XSS)

Overview svelte is a package for building web applications. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to the improper sanitazation of user input in hydratableblock function hydratable process. An attacker can execute arbitrary JavaScript in the client’s...

openSUSE 16 Security Update : MozillaFirefox (openSUSE-SU-2026:20014-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20014-1 advisory. Changes in MozillaFirefox: Firefox Extended Support Release 140.6.0 ESR was released: Fixed: Various security fixes. MFSA 2025-94 bsc1254551:...

MiracleLinux 4 : firefox-3.6.22-1.0.1.AXS4, xulrunner-1.9.2.22-1.0.1.AXS4 (AXSA:2011-444:04)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-444:04 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...

MiracleLinux 8 : thunderbird-140.6.0-1.el8_10.ML.1 (AXSA:2026-021:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-021:01 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free...

MiracleLinux 4 : firefox-3.6.24-3.0.1.AXS4, xulrunner-1.9.2.24-2.1.0.1.AXS4 (AXSA:2012-81:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-81:01 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this release...

CVE-2025-14279

MLFlow versions up to and including 3.4.0 are vulnerable to DNS rebinding attacks due to a lack of Origin header validation in the MLFlow REST server. This vulnerability allows malicious websites to bypass Same-Origin Policy protections and execute unauthorized calls against REST endpoints. An...

Astra Linux – Vulnerability in Firefox, Thunderbird

Bypass of the same-origin policy in the Request Handling component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

Astra Linux – Vulnerability in Firefox

Bypass of the same-origin policy in the DOM: Workers component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5...

MiracleLinux 8 : firefox-140.3.0-1.el8_10.ML.1 (AXSA:2025-10906:31)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-10906:31 advisory. firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect...

MiracleLinux 9 : thunderbird-140.5.0-2.el9_7.ML.1 (AXSA:2025-11549:27)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-11549:27 advisory. firefox: Mitigation bypass in the DOM: Security component CVE-2025-13018 firefox: Use-after-free in the Audio/Video component CVE-2025-13014 firefo...

MiracleLinux 9 : firefox-128.14.0-2.el9_6.ML.1 (AXSA:2025-10784:29)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10784:29 advisory. firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component CVE-2025-9182 thunderbird: firefox: Sandbox escap...