Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 102.8ESR) have affected APM Synthetic Playback Agent

Summary APM Synthetic Playback Agent is vulnerable to Firefox ESR CVE-2023-25730, CVE-2023-25729, CVE-2023-25742, CVE-2023-25734, CVE-2023-25738, CVE-2023-25728 . Firefox ESR is used by APM Synthetic Playback Agent for running the selenium scripts. The fix includes support for Firefox 102.8 ESR...

SUSE: Security Advisory (SUSE-SU-2023:0469-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2023-0057)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security fix for the ALT Linux 10 package firefox-esr version 102.8.0-alt1

102.8.0-alt1 built March 15, 2023 Pavel Vasenkov in task 316239 March 3, 2023 Pavel Vasenkov - New ESR version. - Security fixes + CVE-2023-25728 Content security policy leak in violation reports using iframes + CVE-2023-25730 Screen hijack via browser fullscreen mode + CVE-2023-0767 Arbitrary...

Security fix for the ALT Linux 10 package thunderbird version 102.8.0-alt1

102.8.0-alt1 built March 10, 2023 Pavel Vasenkov in task 316084 Feb. 28, 2023 Pavel Vasenkov - New version. - Security fixes: + CVE-2023-0616 User Interface lockup with messages combining S/MIME and OpenPGP + CVE-2023-25728 Content security policy leak in violation reports using iframes +...

Mozilla Thunderbird Security Advisories (MFSA2023-05, MFSA2023-07) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

Mozilla Firefox Security Advisories (MFSA2023-04, MFSA2023-06) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

firefox security update

CentOS Errata and Security Advisory CESA-2023:0812 An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

RLSA-2023:0824 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.8.0. Security Fixes: Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation reports using iframes CVE-2023-25728 Mozilla:...

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. This updat...

firefox security update

An update is available for firefox. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...

RLSA-2023:0808 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.8.0 ESR. Security Fixes: Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation...

RLSA-2023:0821 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.8.0. Security Fixes: Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation reports using iframes CVE-2023-25728 Mozilla:...

CentOS 7 : firefox (RHSA-2023:0812)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0812 advisory. - The Content-Security-Policy-Report-Only header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe...

CentOS 7 : thunderbird (RHSA-2023:0817)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0817 advisory. - If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attempts to process and display the message, which cou...

SUSE-SU-2023:0469-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Updated to version 102.8.0 ESR bsc1208144: - CVE-2023-25728: Fixed content security policy leak in violation reports using iframes. - CVE-2023-25730: Fixed screen hijack via browser fullscreen mode. - CVE-2023-25743: Fixed Fullscreen...

Updated thunderbird packages fix security vulnerability

User Interface lockup with messages combining S/MIME and OpenPGP. CVE-2023-0616 Content security policy leak in violation reports using iframes. CVE-2023-25728 Screen hijack via browser fullscreen mode. CVE-2023-25730 Arbitrary memory write via PKCS 12 in NSS. CVE-2023-0767 Potential use-after-fr...

MGASA-2023-0057 Updated thunderbird packages fix security vulnerability

User Interface lockup with messages combining S/MIME and OpenPGP. CVE-2023-0616 Content security policy leak in violation reports using iframes. CVE-2023-25728 Screen hijack via browser fullscreen mode. CVE-2023-25730 Arbitrary memory write via PKCS 12 in NSS. CVE-2023-0767 Potential use-after-fr...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...