Astra Linux - уязвимость в thunderbird, firefox

The WebChannel API, which is used to transfer various types of information between processes, did not check the identity of the sender. Instead, it accepted the identity of the sender without verification. This could lead to privilege escalation attacks. This vulnerability has been fixed in Firef...

EUVD-2025-1569

Malicious code in bioql PyPI...

FreeBSD : Mozilla -- privilege scalation attack (ea51e89a-116c-11f0-8b2c-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ea51e89a-116c-11f0-8b2c-b42e991fc52e advisory. [email protected] reports: The WebChannel API, which is used to transport various information across...

Linux Distros Unpatched Vulnerability : CVE-2025-0237

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being...

firefox: thunderbird: WebChannel APIs susceptible to confused deputy attack

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to...

firefox: thunderbird: WebChannel APIs susceptible to confused deputy attack

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to...

firefox: thunderbird: WebChannel APIs susceptible to confused deputy attack

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to...

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 128.6.0 ESR Fixed: Various security fixes. MFSA 2025-02 bsc1234991 CVE-2025-0237 bmo1915257 WebChannel APIs susceptible to confused deputy attack CVE-2025-0238 bmo1915535 Use-after-free when breaking lines...

firefox: thunderbird: WebChannel APIs susceptible to confused deputy attack

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to...

firefox: thunderbird: WebChannel APIs susceptible to confused deputy attack

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to...

firefox: thunderbird: WebChannel APIs susceptible to confused deputy attack

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to...

firefox: thunderbird: WebChannel APIs susceptible to confused deputy attack

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to...

firefox: thunderbird: WebChannel APIs susceptible to confused deputy attack

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to...

firefox: thunderbird: WebChannel APIs susceptible to confused deputy attack

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to...

firefox: thunderbird: WebChannel APIs susceptible to confused deputy attack

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to...

firefox: thunderbird: WebChannel APIs susceptible to confused deputy attack

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to...

firefox: thunderbird: WebChannel APIs susceptible to confused deputy attack

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to...

firefox: thunderbird: WebChannel APIs susceptible to confused deputy attack

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to...

firefox: thunderbird: WebChannel APIs susceptible to confused deputy attack

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to...

CVE-2025-0237

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to...