53 matches found
MiracleLinux 7 : firefox-128.12.0-1.0.1.el7.AXS7 (AXSA:2025-10426:21)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-10426:21 advisory. firefox: Content-Disposition header ignored when a file is included in an embed or object tag CVE-2025-6430 firefox: Use-after-free in FontFaceSet...
OPENSUSE-SU-2025-20135-1 Security update for mozjs128
This update for mozjs128 fixes the following issues: - Update to version 128.14.0 bsc1248162: + CVE-2025-9179: Sandbox escape due to invalid pointer in the Audio/Video: GMP component + CVE-2025-9180: Same-origin policy bypass in the Graphics: Canvas2D component + CVE-2025-9181: Uninitialized memo...
TencentOS Server 3: thunderbird (TSSA-2025:0600)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0600 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 3: firefox (TSSA-2025:0528)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0528 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Astra Linux – Vulnerability in Firefox and Thunderbird
An attacker who enumerated resources from the WebCompat extension could obtain a persistent UUID that identified the browser. This UUID could be used to switch between container-based modes and normal/private browsing mode, but it could not be used to access profiles. This vulnerability has been...
Unity Linux 20.1070a Security Update: firefox (UTSA-2025-987439)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987439 advisory. An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers...
RLSA-2025:10072 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Content-Disposition header ignored when a file is included in an embed or object tag CVE-2025-6430 firefox: Use-after-free in FontFaceSet CVE-2025-6424 firefox:...
EUVD-2025-19101
Malicious code in bioql PyPI...
firefox security update
An update is available for firefox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...
RLSA-2025:10073 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Content-Disposition header ignored when a file is included in an embed or object tag CVE-2025-6430 firefox: Use-after-free in FontFaceSet CVE-2025-6424 firefox:...
Linux Distros Unpatched Vulnerability : CVE-2025-6425
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between...
OESA-2025-1912 thunderbird security update
Security Fixes: A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability affects Firefox 140, Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12.CVE-2025-6424 An attacker who enumerated resources from the WebCompat extension coul...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.12 MFSA 2025-55, bsc1244670: CVE-2025-6424: Use-after-free in FontFaceSet bmo1966423 CVE-2025-6425: The WebCompat WebExtension shipped exposed a persistent UUID bmo1717672 CVE-2025-6426: No warning wh...
Important: firefox
Issue Overview: A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability affects Firefox or tag, potentially making a website vulnerable to a cross-site scripting attack. CVE-2025-6430 Affected Packages: firefox Issue Correction: Run dnf update firefox...
Updated rootcerts, nss & firefox packages fix security vulnerabilities
CVE-2025-6424: A use-after-free in FontFaceSet resulted in a potentially exploitable crash. CVE-2025-6425: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private...
firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...
firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...
firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...
firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...
firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...