Debian DSA-5464-1 : firefox-esr - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5464 advisory. Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, bypass of the...

Mozilla Thunderbird < 102.14

The version of Thunderbird installed on the remote Windows host is prior to 102.14. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-32 advisory. - Memory safety bugs present in Firefox 115, Firefox ESR 115.0, Firefox ESR 102.13, Thunderbird 115.0, and...

Security Vulnerabilities fixed in Thunderbird 102.14 — Mozilla

Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect...

CVE-2023-4050

In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...