MiracleLinux 8 : firefox-91.2.0-4.el8.ML.1 (AXSA:2021-2461:28)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2461:28 advisory. Mozilla: Use-after-free in MessageTask CVE-2021-38496 Mozilla: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2...

Silverstripe Form field validation message XSS vulnerability

A high level XSS risk has been identified in the encoding of validation messages in certain FormField classes. Certain fields such as the NumericField and DropdownField have been identified, but any form field which presents any invalid content as a part of its validation response will be at risk...

CVE-2023-47102

UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not valid...

Mozilla Firefox ESR Security Advisory (MFSA2021-45) - Mac OS X

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

Mozilla Thunderbird Security Advisories (MFSA2021-47, MFSA2021-49) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

Mozilla Firefox ESR Security Advisory (MFSA2021-45) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

Mozilla Firefox Security Advisory (MFSA2021-43) - Mac OS X

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

firefox security update

CentOS Errata and Security Advisory CESA-2021:3791 An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CentOS 7 : firefox (RHSA-2021:3791)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3791 advisory. - crossbeam-deque is a package of work-stealing deques for building task schedulers when programming in Rust. In versions prior to 0.7.4 and 0.8.0, the...

CVE-2021-38497

Through use of reportValidity and window.open, a plain-text validation message could have been overlaid on another origin, leading to possible user confusion and spoofing attacks. This vulnerability affects Firefox 93, Thunderbird 91.2, and Firefox ESR 91.2...

CVE-2021-38497

Through use of reportValidity and window.open, a plain-text validation message could have been overlaid on another origin, leading to possible user confusion and spoofing attacks. This vulnerability affects Firefox 93, Thunderbird 91.2, and Firefox ESR 91.2...

CentOS 8 : thunderbird (CESA-2021:3838)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:3838 advisory. - rust-crossbeam-deque: race condition may lead to double free CVE-2021-32810 - Mozilla: Use-after-free in MessageTask CVE-2021-38496 - Mozilla:...

RHEL 7 : thunderbird (RHSA-2021:3841)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3841 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.2.0. Security Fixes: Mozilla:...

RHEL 8 : thunderbird (RHSA-2021:3839)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3839 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.2.0. Security Fixes: Mozilla:...

RHEL 8 : thunderbird (RHSA-2021:3840)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3840 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.2.0. Security Fixes: Mozilla:...

Mozilla: Validation message could have been overlaid on another origin

Through use of reportValidity and window.open, a plain-text validation message could have been overlaid on another origin, leading to possible user confusion and spoofing attacks. This vulnerability affects Firefox 93, Thunderbird 91.2, and Firefox ESR 91.2...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

Mozilla: Validation message could have been overlaid on another origin

Through use of reportValidity and window.open, a plain-text validation message could have been overlaid on another origin, leading to possible user confusion and spoofing attacks. This vulnerability affects Firefox 93, Thunderbird 91.2, and Firefox ESR 91.2...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Mozilla: Validation message could have been overlaid on another origin

Through use of reportValidity and window.open, a plain-text validation message could have been overlaid on another origin, leading to possible user confusion and spoofing attacks. This vulnerability affects Firefox 93, Thunderbird 91.2, and Firefox ESR 91.2...