DATABASE RESOURCES PRICING ABOUT US

{"id": "USN-4926-1", "vendorId": null, "type": "ubuntu", "bulletinFamily": "unix", "title": "Firefox vulnerabilities", "description": "## Releases\n\n * Ubuntu 21.04 \n * Ubuntu 20.10 \n * Ubuntu 20.04 LTS\n * Ubuntu 18.04 ESM\n * Ubuntu 16.04 ESM\n\n## Packages\n\n * firefox \\- Mozilla Open Source web browser\n\nMultiple security issues were discovered in Firefox. If a user were \ntricked into opening a specially crafted website, an attacker could \npotentially exploit these to cause a denial of service, spoof the \nbrowser UI, bypass security restrictions, trick the user into disclosing \nconfidential information, or execute arbitrary code. (CVE-2021-23994, \nCVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999, \nCVE-2021-24000, CVE-2021-24001, CVE-2021-29945, CVE-2021-29946, \nCVE-2021-29947)\n\nA use-after-free was discovered when Responsive Design Mode was \nenabled. If a user were tricked into opening a specially crafted \nwebsite with Responsive Design Mode enabled, an attacker could \npotentially exploit this to cause a denial of service, or execute \narbitrary code. (CVE-2021-23995)\n\nIt was discovered that Firefox mishandled ftp URLs with encoded newline \ncharacters. If a user were tricked into clicking on a specially crafted \nlink, an attacker could potentially exploit this to send arbitrary \nFTP commands. (CVE-2021-24002)\n", "published": "2021-04-26T00:00:00", "modified": "2021-04-26T00:00:00", "epss": [{"cve": "CVE-2021-23998", "epss": 0.00095, "percentile": 0.39542, "modified": "2023-12-02"}, {"cve": "CVE-2021-23999", "epss": 0.0026, "percentile": 0.63511, "modified": "2023-12-02"}, {"cve": "CVE-2021-23997", "epss": 0.00185, "percentile": 0.5556, "modified": "2023-12-02"}, {"cve": "CVE-2021-29946", "epss": 0.00245, "percentile": 0.62278, "modified": "2023-12-02"}, {"cve": "CVE-2021-24002", "epss": 0.00206, "percentile": 0.58228, "modified": "2023-12-02"}, {"cve": "CVE-2021-29947", "epss": 0.00278, "percentile": 0.64719, "modified": "2023-12-02"}, {"cve": "CVE-2021-23995", "epss": 0.00206, "percentile": 0.58228, "modified": "2023-12-02"}, {"cve": "CVE-2021-29945", "epss": 0.00157, "percentile": 0.51878, "modified": "2023-12-02"}, {"cve": "CVE-2021-24001", "epss": 0.00078, "percentile": 0.32215, "modified": "2023-12-02"}, {"cve": "CVE-2021-23994", "epss": 0.00196, "percentile": 0.57163, "modified": "2023-12-02"}, {"cve": "CVE-2021-23996", "epss": 0.00079, "percentile": 0.3309, "modified": "2023-12-02"}, {"cve": "CVE-2021-24000", "epss": 0.00078, "percentile": 0.32215, "modified": "2023-12-02"}], "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 6.8}, "severity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://ubuntu.com/security/notices/USN-4926-1", "reporter": "Ubuntu", "references": ["/security/CVE-2021-29946", "/security/CVE-2021-23998", "/security/CVE-2021-23999", "/security/CVE-2021-23997", "/security/CVE-2021-23994", "/security/CVE-2021-23995", "/security/CVE-2021-24002", "/security/CVE-2021-24001", "/security/CVE-2021-29947", "/security/CVE-2021-29945", "/security/CVE-2021-23996", "/security/CVE-2021-24000"], "cvelist": ["CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23996", "CVE-2021-23997", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24000", "CVE-2021-24001", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946", "CVE-2021-29947"], "immutableFields": [], "lastseen": "2023-12-02T18:56:35", "viewCount": 95, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2021:1353", "ALSA-2021:1360"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2021-23994", "ALPINE:CVE-2021-23995", "ALPINE:CVE-2021-23996", "ALPINE:CVE-2021-23997", "ALPINE:CVE-2021-23998", "ALPINE:CVE-2021-23999", "ALPINE:CVE-2021-24000", "ALPINE:CVE-2021-24001", "ALPINE:CVE-2021-24002", "ALPINE:CVE-2021-29945", "ALPINE:CVE-2021-29946", "ALPINE:CVE-2021-29947"]}, {"type": "altlinux", "idList": ["77C9A63554B280C9284DAE7A0BD5A3C8", "EA213E1D6C38C1E4E440225FBC0DD664"]}, {"type": "amazon", "idList": ["ALAS2-2021-1644"]}, {"type": "archlinux", "idList": ["ASA-202104-3", "ASA-202104-4"]}, {"type": "cve", "idList": ["CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23996", "CVE-2021-23997", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24000", "CVE-2021-24001", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946", "CVE-2021-29947"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2632-1:4632F", "DEBIAN:DLA-2633-1:037D9", "DEBIAN:DLA-2633-1:AD3F8", "DEBIAN:DSA-4895-1:58255", "DEBIAN:DSA-4897-1:C9F43"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-23994", "DEBIANCVE:CVE-2021-23995", "DEBIANCVE:CVE-2021-23996", "DEBIANCVE:CVE-2021-23997", "DEBIANCVE:CVE-2021-23998", "DEBIANCVE:CVE-2021-23999", "DEBIANCVE:CVE-2021-24000", "DEBIANCVE:CVE-2021-24001", "DEBIANCVE:CVE-2021-24002", "DEBIANCVE:CVE-2021-29945", "DEBIANCVE:CVE-2021-29946", "DEBIANCVE:CVE-2021-29947"]}, {"type": "gentoo", "idList": ["GLSA-202104-09", "GLSA-202104-10"]}, {"type": "ibm", "idList": ["6A4F644E6F16379C681042422583EFB165F32549B96242319F0923F9BB2F759C", "6CBD3C4A1BB3BC337FAB9EB6419B93B75C341838435D7C75B2EF109D6B2DAF63"]}, {"type": "kaspersky", "idList": ["KLA12148", "KLA12149", "KLA12150"]}, {"type": "mageia", "idList": ["MGASA-2021-0198", "MGASA-2021-0199"]}, {"type": "mozilla", "idList": ["MFSA2021-14", "MFSA2021-15", "MFSA2021-16"]}, {"type": "nessus", "idList": ["AL2_ALAS-2021-1644.NASL", "CENTOS8_RHSA-2021-1353.NASL", "CENTOS8_RHSA-2021-1360.NASL", "DEBIAN_DLA-2632.NASL", "DEBIAN_DLA-2633.NASL", "DEBIAN_DSA-4895.NASL", "DEBIAN_DSA-4897.NASL", "GENTOO_GLSA-202104-09.NASL", "GENTOO_GLSA-202104-10.NASL", "MACOS_FIREFOX_78_10_ESR.NASL", "MACOS_FIREFOX_88_0.NASL", "MACOS_THUNDERBIRD_78_10.NASL", "MOZILLA_FIREFOX_78_10_ESR.NASL", "MOZILLA_FIREFOX_88_0.NASL", "MOZILLA_THUNDERBIRD_78_10.NASL", "NEWSTART_CGSL_NS-SA-2021-0107_FIREFOX.NASL", "NEWSTART_CGSL_NS-SA-2021-0131_FIREFOX.NASL", "NEWSTART_CGSL_NS-SA-2022-0029_FIREFOX.NASL", "OPENSUSE-2021-621.NASL", "OPENSUSE-2021-644.NASL", "ORACLELINUX_ELSA-2021-1350.NASL", "ORACLELINUX_ELSA-2021-1353.NASL", "ORACLELINUX_ELSA-2021-1360.NASL", "ORACLELINUX_ELSA-2021-1363.NASL", "REDHAT-RHSA-2021-1350.NASL", "REDHAT-RHSA-2021-1351.NASL", "REDHAT-RHSA-2021-1352.NASL", "REDHAT-RHSA-2021-1353.NASL", "REDHAT-RHSA-2021-1360.NASL", "REDHAT-RHSA-2021-1361.NASL", "REDHAT-RHSA-2021-1362.NASL", "REDHAT-RHSA-2021-1363.NASL", "SUSE_SU-2021-1307-1.NASL", "SUSE_SU-2021-1325-1.NASL", "SUSE_SU-2021-1433-1.NASL", "SUSE_SU-2021-14708-1.NASL", "UBUNTU_USN-4926-1.NASL", "UBUNTU_USN-4995-1.NASL", "UBUNTU_USN-4995-2.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-1350", "ELSA-2021-1353", "ELSA-2021-1360", "ELSA-2021-1363"]}, {"type": "osv", "idList": ["OSV:DLA-2632-1", "OSV:DLA-2633-1"]}, {"type": "prion", "idList": ["PRION:CVE-2021-23994", "PRION:CVE-2021-23995", "PRION:CVE-2021-23996", "PRION:CVE-2021-23997", "PRION:CVE-2021-23998", "PRION:CVE-2021-23999", "PRION:CVE-2021-24000", "PRION:CVE-2021-24001", "PRION:CVE-2021-24002", "PRION:CVE-2021-29945", "PRION:CVE-2021-29946", "PRION:CVE-2021-29947"]}, {"type": "redhat", "idList": ["RHSA-2021:1350", "RHSA-2021:1351", "RHSA-2021:1352", "RHSA-2021:1353", "RHSA-2021:1360", "RHSA-2021:1361", "RHSA-2021:1362", "RHSA-2021:1363"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-23994", "RH:CVE-2021-23995", "RH:CVE-2021-23998", "RH:CVE-2021-23999", "RH:CVE-2021-24002", "RH:CVE-2021-29945", "RH:CVE-2021-29946"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2021:0621-1", "OPENSUSE-SU-2021:0644-1"]}, {"type": "threatpost", "idList": ["THREATPOST:4634ED2B28BA5980FAACF8D03CCDF92F"]}, {"type": "ubuntu", "idList": ["USN-4995-1", "USN-4995-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-23994", "UB:CVE-2021-23995", "UB:CVE-2021-23996", "UB:CVE-2021-23997", "UB:CVE-2021-23998", "UB:CVE-2021-23999", "UB:CVE-2021-24000", "UB:CVE-2021-24001", "UB:CVE-2021-24002", "UB:CVE-2021-29945", "UB:CVE-2021-29946", "UB:CVE-2021-29947"]}, {"type": "veracode", "idList": ["VERACODE:30089", "VERACODE:30090", "VERACODE:30091", "VERACODE:30092", "VERACODE:30093", "VERACODE:30094", "VERACODE:30109", "VERACODE:30110", "VERACODE:30111", "VERACODE:30117", "VERACODE:30118", "VERACODE:30120"]}]}, "score": {"value": 8.4, "vector": "NONE"}, "backreferences": {"references": [{"type": "almalinux", "idList": ["ALSA-2021:1353", "ALSA-2021:1360"]}, {"type": "amazon", "idList": ["ALAS2-2021-1644"]}, {"type": "archlinux", "idList": ["ASA-202104-3", "ASA-202104-4"]}, {"type": "cve", "idList": ["CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23996", "CVE-2021-23997", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24000", "CVE-2021-24001", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946", "CVE-2021-29947"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2632-1:4632F", "DEBIAN:DLA-2633-1:037D9", "DEBIAN:DSA-4895-1:58255", "DEBIAN:DSA-4897-1:C9F43"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-23994", "DEBIANCVE:CVE-2021-23995", "DEBIANCVE:CVE-2021-23996", "DEBIANCVE:CVE-2021-23997", "DEBIANCVE:CVE-2021-23998", "DEBIANCVE:CVE-2021-23999", "DEBIANCVE:CVE-2021-24000", "DEBIANCVE:CVE-2021-24001", "DEBIANCVE:CVE-2021-24002", "DEBIANCVE:CVE-2021-29945", "DEBIANCVE:CVE-2021-29946", "DEBIANCVE:CVE-2021-29947"]}, {"type": "gentoo", "idList": ["GLSA-202104-09", "GLSA-202104-10"]}, {"type": "kaspersky", "idList": ["KLA12148", "KLA12149", "KLA12150"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/AMAZON-LINUX-AMI-2-CVE-2021-23998/", "MSF:ILITIES/GENTOO-LINUX-CVE-2021-23998/", "MSF:ILITIES/ORACLE_LINUX-CVE-2021-23994/", "MSF:ILITIES/ORACLE_LINUX-CVE-2021-23995/", "MSF:ILITIES/ORACLE_LINUX-CVE-2021-29945/", "MSF:ILITIES/ORACLE_LINUX-CVE-2021-29946/", "MSF:ILITIES/SUSE-CVE-2021-23994/", "MSF:ILITIES/SUSE-CVE-2021-23998/", "MSF:ILITIES/SUSE-CVE-2021-24002/", "MSF:ILITIES/SUSE-CVE-2021-29946/"]}, {"type": "mozilla", "idList": ["MFSA2021-16"]}, {"type": "nessus", "idList": ["AL2_ALAS-2021-1644.NASL", "CENTOS8_RHSA-2021-1353.NASL", "CENTOS8_RHSA-2021-1360.NASL", "DEBIAN_DLA-2632.NASL", "DEBIAN_DLA-2633.NASL", "DEBIAN_DSA-4895.NASL", "DEBIAN_DSA-4897.NASL", "GENTOO_GLSA-202104-09.NASL", "GENTOO_GLSA-202104-10.NASL", "MOZILLA_FIREFOX_78_10_ESR.NASL", "MOZILLA_FIREFOX_88_0.NASL", "MOZILLA_THUNDERBIRD_78_10.NASL", "OPENSUSE-2021-621.NASL", "OPENSUSE-2021-644.NASL", "ORACLELINUX_ELSA-2021-1350.NASL", "ORACLELINUX_ELSA-2021-1353.NASL", "ORACLELINUX_ELSA-2021-1360.NASL", "ORACLELINUX_ELSA-2021-1363.NASL", "REDHAT-RHSA-2021-1350.NASL", "REDHAT-RHSA-2021-1351.NASL", "REDHAT-RHSA-2021-1352.NASL", "REDHAT-RHSA-2021-1353.NASL", "REDHAT-RHSA-2021-1360.NASL", "REDHAT-RHSA-2021-1361.NASL", "REDHAT-RHSA-2021-1362.NASL", "REDHAT-RHSA-2021-1363.NASL", "SUSE_SU-2021-1307-1.NASL", "SUSE_SU-2021-1325-1.NASL", "SUSE_SU-2021-1433-1.NASL", "SUSE_SU-2021-14708-1.NASL", "UBUNTU_USN-4926-1.NASL", "UBUNTU_USN-4995-1.NASL", "UBUNTU_USN-4995-2.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-1350", "ELSA-2021-1353", "ELSA-2021-1360", "ELSA-2021-1363"]}, {"type": "redhat", "idList": ["RHSA-2021:1363"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-23994", "RH:CVE-2021-23995", "RH:CVE-2021-23998", "RH:CVE-2021-23999", "RH:CVE-2021-24002", "RH:CVE-2021-29945", "RH:CVE-2021-29946"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2021:0621-1", "OPENSUSE-SU-2021:0644-1"]}, {"type": "threatpost", "idList": ["THREATPOST:4634ED2B28BA5980FAACF8D03CCDF92F"]}, {"type": "ubuntu", "idList": ["USN-4995-1", "USN-4995-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-23994", "UB:CVE-2021-23995", "UB:CVE-2021-23996", "UB:CVE-2021-23997", "UB:CVE-2021-23998", "UB:CVE-2021-23999", "UB:CVE-2021-24000", "UB:CVE-2021-24001", "UB:CVE-2021-24002", "UB:CVE-2021-29945", "UB:CVE-2021-29946", "UB:CVE-2021-29947"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2021-23994", "epss": 0.00196, "percentile": 0.55953, "modified": "2023-05-07"}, {"cve": "CVE-2021-23995", "epss": 0.00206, "percentile": 0.57043, "modified": "2023-05-07"}, {"cve": "CVE-2021-23996", "epss": 0.00079, "percentile": 0.32568, "modified": "2023-05-07"}, {"cve": "CVE-2021-23997", "epss": 0.00185, "percentile": 0.5434, "modified": "2023-05-07"}, {"cve": "CVE-2021-23998", "epss": 0.00095, "percentile": 0.38883, "modified": "2023-05-07"}, {"cve": "CVE-2021-23999", "epss": 0.00217, "percentile": 0.58218, "modified": "2023-05-07"}, {"cve": "CVE-2021-24000", "epss": 0.00078, "percentile": 0.31743, "modified": "2023-05-07"}, {"cve": "CVE-2021-24001", "epss": 0.00078, "percentile": 0.31743, "modified": "2023-05-07"}, {"cve": "CVE-2021-24002", "epss": 0.00206, "percentile": 0.57043, "modified": "2023-05-07"}, {"cve": "CVE-2021-29945", "epss": 0.00157, "percentile": 0.50664, "modified": "2023-05-07"}, {"cve": "CVE-2021-29946", "epss": 0.00245, "percentile": 0.61014, "modified": "2023-05-07"}, {"cve": "CVE-2021-29947", "epss": 0.00278, "percentile": 0.63591, "modified": "2023-05-07"}], "vulnersScore": 8.4}, "_state": {"dependencies": 1701544388, "score": 1701543713, "epss": 0}, "_internal": {"score_hash": "d5ca9019be4bfb704e91c83d7b0d8a1d"}, "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-dbg"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-dev"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-geckodriver"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-af"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-an"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ar"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-as"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ast"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-az"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-be"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-bg"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-bn"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-br"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-bs"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ca"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-cak"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-cs"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-csb"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-cy"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-da"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-de"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-el"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-en"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-eo"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-es"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-et"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-eu"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-fa"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-fi"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-fr"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-fy"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ga"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-gd"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-gl"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-gn"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-gu"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-he"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hi"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hr"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hsb"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hu"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hy"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ia"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-id"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-is"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-it"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ja"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ka"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-kab"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-kk"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-km"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-kn"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ko"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ku"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-lg"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-lt"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-lv"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-mai"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-mk"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ml"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-mn"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-mr"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ms"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-my"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-nb"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ne"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-nl"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-nn"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-nso"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-oc"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-or"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-pa"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-pl"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-pt"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ro"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ru"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-si"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sk"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sl"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sq"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sr"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sv"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sw"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-szl"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ta"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-te"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-th"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-tr"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-uk"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ur"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-uz"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-vi"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-xh"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-zh-hans"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-zh-hant"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-zu"}, {"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.21.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-mozsymbols"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-dbg"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-dev"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-geckodriver"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-af"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-an"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ar"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-as"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ast"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-az"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-be"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-bg"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-bn"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-br"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-bs"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ca"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-cak"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-cs"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-csb"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-cy"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-da"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-de"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-el"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-en"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-eo"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-es"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-et"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-eu"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-fa"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-fi"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-fr"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-fy"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ga"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-gd"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-gl"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-gn"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-gu"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-he"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hi"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hr"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hsb"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hu"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hy"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ia"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-id"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-is"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-it"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ja"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ka"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-kab"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-kk"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-km"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-kn"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ko"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ku"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-lg"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-lt"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-lv"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-mai"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-mk"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ml"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-mn"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-mr"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ms"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-my"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-nb"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ne"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-nl"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-nn"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-nso"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-oc"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-or"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-pa"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-pl"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-pt"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ro"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ru"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-si"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sk"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sl"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sq"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sr"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sv"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sw"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-szl"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ta"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-te"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-th"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-tr"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-uk"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ur"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-uz"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-vi"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-xh"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-zh-hans"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-zh-hant"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-zu"}, {"OS": "Ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.10.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-mozsymbols"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-dbg"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-dev"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-geckodriver"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-af"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-an"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ar"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-as"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ast"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-az"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-be"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-bg"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-bn"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-br"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-bs"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ca"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-cak"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-cs"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-csb"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-cy"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-da"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-de"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-el"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-en"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-eo"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-es"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-et"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-eu"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-fa"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-fi"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-fr"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-fy"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ga"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-gd"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-gl"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-gn"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-gu"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-he"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hi"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hr"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hsb"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hu"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hy"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ia"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-id"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-is"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-it"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ja"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ka"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-kab"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-kk"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-km"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-kn"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ko"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ku"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-lg"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-lt"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-lv"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-mai"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-mk"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ml"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-mn"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-mr"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ms"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-my"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-nb"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ne"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-nl"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-nn"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-nso"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-oc"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-or"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-pa"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-pl"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-pt"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ro"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ru"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-si"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sk"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sl"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sq"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sr"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sv"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sw"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-szl"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ta"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-te"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-th"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-tr"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-uk"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ur"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-uz"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-vi"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-xh"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-zh-hans"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-zh-hant"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-zu"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.20.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-mozsymbols"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-dbg"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-dev"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-geckodriver"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-af"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-an"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ar"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-as"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ast"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-az"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-be"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-bg"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-bn"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-br"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-bs"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ca"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-cak"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-cs"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-csb"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-cy"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-da"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-de"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-el"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-en"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-eo"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-es"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-et"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-eu"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-fa"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-fi"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-fr"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-fy"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ga"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-gd"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-gl"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-gn"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-gu"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-he"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hi"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hr"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hsb"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hu"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hy"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ia"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-id"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-is"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-it"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ja"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ka"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-kab"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-kk"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-km"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-kn"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ko"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ku"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-lg"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-lt"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-lv"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-mai"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-mk"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ml"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-mn"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-mr"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ms"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-my"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-nb"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ne"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-nl"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-nn"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-nso"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-oc"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-or"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-pa"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-pl"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-pt"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ro"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ru"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-si"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sk"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sl"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sq"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sr"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sv"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sw"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-szl"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ta"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-te"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-th"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-tr"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-uk"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ur"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-uz"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-vi"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-xh"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-zh-hans"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-zh-hant"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-zu"}, {"OS": "Ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.18.04.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-mozsymbols"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-dbg"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-dbgsym"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-dev"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-geckodriver"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-geckodriver-dbgsym"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-af"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-an"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ar"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-as"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ast"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-az"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-be"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-bg"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-bn"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-br"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-bs"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ca"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-cak"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-cs"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-csb"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-cy"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-da"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-de"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-el"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-en"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-eo"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-es"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-et"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-eu"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-fa"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-fi"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-fr"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-fy"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ga"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-gd"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-gl"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-gn"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-gu"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-he"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hi"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hr"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hsb"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hu"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-hy"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ia"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-id"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-is"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-it"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ja"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ka"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-kab"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-kk"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-km"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-kn"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ko"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ku"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-lg"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-lv"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-mai"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-mk"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ml"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-mn"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-mr"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ms"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-my"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-nb"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ne"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-nl"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-nn"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-nso"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-oc"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-or"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-pa"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-pl"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-pt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ro"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ru"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-si"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sk"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sl"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sq"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sr"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sv"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-sw"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-szl"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ta"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-te"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-th"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-tr"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-uk"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-ur"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-uz"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-vi"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-xh"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-zh-hans"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-zh-hant"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-locale-zu"}, {"OS": "Ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "88.0+build2-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firefox-mozsymbols"}]}

{"nessus": [{"lastseen": "2023-10-19T14:58:10", "description": "The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 / 21.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4926-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-04-26T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Firefox vulnerabilities (USN-4926-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23996", "CVE-2021-23997", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24000", "CVE-2021-24001", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946", "CVE-2021-29947"], "modified": "2023-10-16T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:firefox", "p-cpe:/a:canonical:ubuntu_linux:firefox-dev", "p-cpe:/a:canonical:ubuntu_linux:firefox-geckodriver", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-af", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-an", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ar", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-as", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ast", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-az", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-be", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bg", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bn", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-br", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bs", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ca", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cak", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cs", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-csb", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cy", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-da", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-de", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-el", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-en", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-eo", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-es", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-et", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-eu", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fa", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fi", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fr", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fy", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ga", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gd", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gl", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gn", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gu", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-he", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hi", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hr", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hsb", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hu", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hy", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ia", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-id", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-is", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-it", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ja", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ka", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kab", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kk", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-km", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kn", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ko", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ku", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lg", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lt", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lv", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mai", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mk", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ml", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mn", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mr", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ms", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-my", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nb", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ne", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nl", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nn", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nso", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-oc", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-or", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pa", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pl", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pt", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ro", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ru", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-si", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sk", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sl", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sq", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sr", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sv", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sw", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-szl", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ta", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-te", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-th", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-tr", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-uk", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ur", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-uz", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-vi", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-xh", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zh-hans", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zh-hant", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zu", "p-cpe:/a:canonical:ubuntu_linux:firefox-mozsymbols"], "id": "UBUNTU_USN-4926-1.NASL", "href": "https://www.tenable.com/plugins/nessus/148992", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4926-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148992);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/16\");\n\n script_cve_id(\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23996\",\n \"CVE-2021-23997\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24000\",\n \"CVE-2021-24001\",\n \"CVE-2021-24002\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\",\n \"CVE-2021-29947\"\n );\n script_xref(name:\"USN\", value:\"4926-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Firefox vulnerabilities (USN-4926-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 / 21.04 host has packages installed that are affected by\nmultiple vulnerabilities as referenced in the USN-4926-1 advisory. Note that Nessus has not tested for this issue but\nhas instead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4926-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29947\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-geckodriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-an\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-as\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-az\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-csb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-en\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ku\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mai\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-my\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ne\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nso\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-oc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-or\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-szl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ur\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-xh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zh-hans\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zh-hant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-mozsymbols\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021-2023 Canonical, Inc. / NASL script (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('16.04' >< os_release || '18.04' >< os_release || '20.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04 / 18.04 / 20.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '16.04', 'pkgname': 'firefox', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-dev', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-geckodriver', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-af', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-an', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-ar', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-as', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-ast', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-az', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-be', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-bg', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-bn', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-br', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-bs', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-ca', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-cak', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-cs', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-csb', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-cy', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-da', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-de', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-el', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-en', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-eo', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-es', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-et', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-eu', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-fa', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-fi', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-fr', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-fy', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-ga', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-gd', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-gl', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-gn', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-gu', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-he', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-hi', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-hr', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-hsb', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-hu', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-hy', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-ia', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-id', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-is', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-it', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-ja', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-ka', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-kab', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-kk', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-km', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-kn', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-ko', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-ku', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-lg', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-lt', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-lv', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-mai', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-mk', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-ml', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-mn', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-mr', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-ms', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-my', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-nb', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-ne', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-nl', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-nn', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-nso', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-oc', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-or', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-pa', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-pl', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-pt', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-ro', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-ru', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-si', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-sk', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-sl', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-sq', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-sr', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-sv', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-sw', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-szl', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-ta', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-te', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-th', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-tr', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-uk', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-ur', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-uz', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-vi', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-xh', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-zh-hans', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-zh-hant', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-locale-zu', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'firefox-mozsymbols', 'pkgver': '88.0+build2-0ubuntu0.16.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-dev', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-geckodriver', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-af', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-an', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ar', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-as', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ast', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-az', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-be', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-bg', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-bn', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-br', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-bs', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ca', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-cak', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-cs', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-csb', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-cy', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-da', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-de', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-el', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-en', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-eo', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-es', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-et', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-eu', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-fa', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-fi', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-fr', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-fy', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ga', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-gd', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-gl', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-gn', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-gu', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-he', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-hi', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-hr', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-hsb', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-hu', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-hy', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ia', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-id', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-is', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-it', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ja', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ka', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-kab', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-kk', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-km', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-kn', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ko', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ku', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-lg', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-lt', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-lv', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-mai', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-mk', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ml', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-mn', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-mr', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ms', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-my', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-nb', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ne', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-nl', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-nn', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-nso', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-oc', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-or', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-pa', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-pl', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-pt', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ro', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ru', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-si', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sk', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sl', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sq', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sr', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sv', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sw', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-szl', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ta', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-te', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-th', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-tr', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-uk', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ur', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-uz', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-vi', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-xh', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-zh-hans', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-zh-hant', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-zu', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '18.04', 'pkgname': 'firefox-mozsymbols', 'pkgver': '88.0+build2-0ubuntu0.18.04.2'},\n {'osver': '20.04', 'pkgname': 'firefox', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-dev', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-geckodriver', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-af', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-an', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ar', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-as', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ast', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-az', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-be', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-bg', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-bn', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-br', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-bs', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ca', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-cak', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-cs', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-csb', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-cy', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-da', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-de', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-el', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-en', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-eo', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-es', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-et', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-eu', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-fa', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-fi', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-fr', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-fy', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ga', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-gd', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-gl', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-gn', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-gu', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-he', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-hi', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-hr', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-hsb', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-hu', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-hy', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ia', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-id', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-is', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-it', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ja', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ka', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-kab', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-kk', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-km', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-kn', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ko', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ku', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-lg', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-lt', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-lv', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-mai', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-mk', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ml', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-mn', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-mr', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ms', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-my', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-nb', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ne', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-nl', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-nn', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-nso', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-oc', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-or', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-pa', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-pl', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-pt', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ro', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ru', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-si', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sk', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sl', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sq', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sr', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sv', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sw', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-szl', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ta', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-te', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-th', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-tr', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-uk', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ur', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-uz', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-vi', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-xh', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-zh-hans', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-zh-hant', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-zu', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-mozsymbols', 'pkgver': '88.0+build2-0ubuntu0.20.04.1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox / firefox-dev / firefox-geckodriver / firefox-locale-af / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:27:21", "description": "The version of Firefox installed on the remote macOS or Mac OS X host is prior to 88.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-16 advisory.\n\n - A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. (CVE-2021-23994)\n\n - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. (CVE-2021-23995)\n\n - By utilizing 3D CSS in conjunction with Javascript, content could have been rendered outside the webpage's viewport, resulting in a spoofing attack that could have been used for phishing or other attacks on a user. (CVE-2021-23996)\n\n - Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code.\n (CVE-2021-23997)\n\n - Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. (CVE-2021-23998)\n\n - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. (CVE-2021-23999)\n\n - A race condition with requestPointerLock() and setTimeout() could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements (such as <input type=file>) this could have led to an attack where a user was confused about the origin of the webpage and potentially disclosed information they did not intend to. (CVE-2021-24000)\n\n - A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not restricted to testing-only configurations.\n (CVE-2021-24001)\n\n - When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.\n (CVE-2021-24002)\n\n - The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. Note: This issue only affected x86-32 platforms. Other platforms are unaffected.\n (CVE-2021-29945)\n\n - Lack of escaping allowed HTML injection when a webpage was viewed in Reader View. While a Content Security Policy prevents direct code execution, HTML injection is still possible.Note: This issue only affected Firefox for Android. Other operating systems are unaffected. (CVE-2021-29944)\n\n - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. (CVE-2021-29946)\n\n - Mozilla developers and community members Ryan VanderMeulen, Sean Feng, Tyson Smith, Julian Seward, Christian Holler reported memory safety bugs present in Firefox 87. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2021-29947)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-04-19T00:00:00", "type": "nessus", "title": "Mozilla Firefox < 88.0", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23996", "CVE-2021-23997", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24000", "CVE-2021-24001", "CVE-2021-24002", "CVE-2021-29944", "CVE-2021-29945", "CVE-2021-29946", "CVE-2021-29947"], "modified": "2021-08-19T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MACOS_FIREFOX_88_0.NASL", "href": "https://www.tenable.com/plugins/nessus/148766", "sourceData": "## \n# (C) Tenable Network Security, Inc.\n# \n# The descriptive text and package checks in this plugin were\n# extracted from Mozilla Foundation Security Advisory mfsa2021-16.\n# The text itself is copyright (C) Mozilla Foundation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148766);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/19\");\n\n script_cve_id(\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23996\",\n \"CVE-2021-23997\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24000\",\n \"CVE-2021-24001\",\n \"CVE-2021-24002\",\n \"CVE-2021-29944\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\",\n \"CVE-2021-29947\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0185-S\");\n\n script_name(english:\"Mozilla Firefox < 88.0\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS or Mac OS X host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox installed on the remote macOS or Mac OS X host is prior to 88.0. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the mfsa2021-16 advisory.\n\n - A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound\n write. (CVE-2021-23994)\n\n - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We\n presume that with enough effort this could have been exploited to run arbitrary code. (CVE-2021-23995)\n\n - By utilizing 3D CSS in conjunction with Javascript, content could have been rendered outside the webpage's\n viewport, resulting in a spoofing attack that could have been used for phishing or other attacks on a\n user. (CVE-2021-23996)\n\n - Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the\n font cache. We presume that with enough effort this could have been exploited to run arbitrary code.\n (CVE-2021-23997)\n\n - Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon\n from an HTTPS page. (CVE-2021-23998)\n\n - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System\n Principal and granted additional privileges that should not be granted to web content. (CVE-2021-23999)\n\n - A race condition with requestPointerLock() and setTimeout() could have resulted\n in a user interacting with one tab when they believed they were on a separate tab. In conjunction with\n certain elements (such as <input type=file>) this could have led to an attack where a\n user was confused about the origin of the webpage and potentially disclosed information they did not\n intend to. (CVE-2021-24000)\n\n - A compromised content process could have performed session history manipulations it should not have been\n able to due to testing infrastructure that was not restricted to testing-only configurations.\n (CVE-2021-24001)\n\n - When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would\n have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.\n (CVE-2021-24002)\n\n - The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and\n result in a crash. Note: This issue only affected x86-32 platforms. Other platforms are unaffected.\n (CVE-2021-29945)\n\n - Lack of escaping allowed HTML injection when a webpage was viewed in Reader View. While a Content Security\n Policy prevents direct code execution, HTML injection is still possible.Note: This issue only affected\n Firefox for Android. Other operating systems are unaffected. (CVE-2021-29944)\n\n - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed\n port blocking restrictions when used in the Alt-Svc header. (CVE-2021-29946)\n\n - Mozilla developers and community members Ryan VanderMeulen, Sean Feng, Tyson Smith, Julian Seward,\n Christian Holler reported memory safety bugs present in Firefox 87. Some of these bugs showed evidence of\n memory corruption and we presume that with enough effort some of these could have been exploited to run\n arbitrary code. (CVE-2021-29947)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2021-16/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Firefox version 88.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29947\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_firefox_installed.nasl\");\n script_require_keys(\"MacOSX/Firefox/Installed\");\n\n exit(0);\n}\n\ninclude('mozilla_version.inc');\n\nkb_base = 'MacOSX/Firefox';\nget_kb_item_or_exit(kb_base+'/Installed');\n\nversion = get_kb_item_or_exit(kb_base+'/Version', exit_code:1);\npath = get_kb_item_or_exit(kb_base+'/Path', exit_code:1);\n\nis_esr = get_kb_item(kb_base+'/is_esr');\nif (is_esr) exit(0, 'The Mozilla Firefox installation is in the ESR branch.');\n\nmozilla_check_version(version:version, path:path, product:'firefox', esr:FALSE, fix:'88.0', severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:27:35", "description": "The version of Firefox installed on the remote Windows host is prior to 88.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-16 advisory.\n\n - A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. (CVE-2021-23994)\n\n - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. (CVE-2021-23995)\n\n - By utilizing 3D CSS in conjunction with Javascript, content could have been rendered outside the webpage's viewport, resulting in a spoofing attack that could have been used for phishing or other attacks on a user. (CVE-2021-23996)\n\n - Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code.\n (CVE-2021-23997)\n\n - Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. (CVE-2021-23998)\n\n - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. (CVE-2021-23999)\n\n - A race condition with requestPointerLock() and setTimeout() could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements (such as <input type=file>) this could have led to an attack where a user was confused about the origin of the webpage and potentially disclosed information they did not intend to. (CVE-2021-24000)\n\n - A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not restricted to testing-only configurations.\n (CVE-2021-24001)\n\n - When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.\n (CVE-2021-24002)\n\n - The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. Note: This issue only affected x86-32 platforms. Other platforms are unaffected.\n (CVE-2021-29945)\n\n - Lack of escaping allowed HTML injection when a webpage was viewed in Reader View. While a Content Security Policy prevents direct code execution, HTML injection is still possible.Note: This issue only affected Firefox for Android. Other operating systems are unaffected. (CVE-2021-29944)\n\n - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. (CVE-2021-29946)\n\n - Mozilla developers and community members Ryan VanderMeulen, Sean Feng, Tyson Smith, Julian Seward, Christian Holler reported memory safety bugs present in Firefox 87. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2021-29947)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-04-19T00:00:00", "type": "nessus", "title": "Mozilla Firefox < 88.0", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23996", "CVE-2021-23997", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24000", "CVE-2021-24001", "CVE-2021-24002", "CVE-2021-29944", "CVE-2021-29945", "CVE-2021-29946", "CVE-2021-29947"], "modified": "2021-08-19T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MOZILLA_FIREFOX_88_0.NASL", "href": "https://www.tenable.com/plugins/nessus/148767", "sourceData": "## \n# (C) Tenable Network Security, Inc.\n# \n# The descriptive text and package checks in this plugin were\n# extracted from Mozilla Foundation Security Advisory mfsa2021-16.\n# The text itself is copyright (C) Mozilla Foundation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148767);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/19\");\n\n script_cve_id(\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23996\",\n \"CVE-2021-23997\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24000\",\n \"CVE-2021-24001\",\n \"CVE-2021-24002\",\n \"CVE-2021-29944\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\",\n \"CVE-2021-29947\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0185-S\");\n\n script_name(english:\"Mozilla Firefox < 88.0\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox installed on the remote Windows host is prior to 88.0. It is, therefore, affected by multiple\nvulnerabilities as referenced in the mfsa2021-16 advisory.\n\n - A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound\n write. (CVE-2021-23994)\n\n - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We\n presume that with enough effort this could have been exploited to run arbitrary code. (CVE-2021-23995)\n\n - By utilizing 3D CSS in conjunction with Javascript, content could have been rendered outside the webpage's\n viewport, resulting in a spoofing attack that could have been used for phishing or other attacks on a\n user. (CVE-2021-23996)\n\n - Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the\n font cache. We presume that with enough effort this could have been exploited to run arbitrary code.\n (CVE-2021-23997)\n\n - Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon\n from an HTTPS page. (CVE-2021-23998)\n\n - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System\n Principal and granted additional privileges that should not be granted to web content. (CVE-2021-23999)\n\n - A race condition with requestPointerLock() and setTimeout() could have resulted\n in a user interacting with one tab when they believed they were on a separate tab. In conjunction with\n certain elements (such as <input type=file>) this could have led to an attack where a\n user was confused about the origin of the webpage and potentially disclosed information they did not\n intend to. (CVE-2021-24000)\n\n - A compromised content process could have performed session history manipulations it should not have been\n able to due to testing infrastructure that was not restricted to testing-only configurations.\n (CVE-2021-24001)\n\n - When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would\n have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.\n (CVE-2021-24002)\n\n - The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and\n result in a crash. Note: This issue only affected x86-32 platforms. Other platforms are unaffected.\n (CVE-2021-29945)\n\n - Lack of escaping allowed HTML injection when a webpage was viewed in Reader View. While a Content Security\n Policy prevents direct code execution, HTML injection is still possible.Note: This issue only affected\n Firefox for Android. Other operating systems are unaffected. (CVE-2021-29944)\n\n - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed\n port blocking restrictions when used in the Alt-Svc header. (CVE-2021-29946)\n\n - Mozilla developers and community members Ryan VanderMeulen, Sean Feng, Tyson Smith, Julian Seward,\n Christian Holler reported memory safety bugs present in Firefox 87. Some of these bugs showed evidence of\n memory corruption and we presume that with enough effort some of these could have been exploited to run\n arbitrary code. (CVE-2021-29947)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2021-16/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Firefox version 88.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29947\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Firefox/Version\");\n\n exit(0);\n}\n\ninclude('mozilla_version.inc');\n\nport = get_kb_item('SMB/transport');\nif (!port) port = 445;\n\ninstalls = get_kb_list('SMB/Mozilla/Firefox/*');\nif (isnull(installs)) audit(AUDIT_NOT_INST, 'Firefox');\n\nmozilla_check_version(installs:installs, product:'firefox', esr:FALSE, fix:'88.0', severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:27:03", "description": "Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, privilege escalation or spoofing.", "cvss3": {}, "published": "2021-04-22T00:00:00", "type": "nessus", "title": "Debian DSA-4895-1 : firefox-esr - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946"], "modified": "2021-08-23T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:firefox-esr", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DSA-4895.NASL", "href": "https://www.tenable.com/plugins/nessus/148932", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4895. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(148932);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/23\");\n\n script_cve_id(\"CVE-2021-23961\", \"CVE-2021-23994\", \"CVE-2021-23995\", \"CVE-2021-23998\", \"CVE-2021-23999\", \"CVE-2021-24002\", \"CVE-2021-29945\", \"CVE-2021-29946\");\n script_xref(name:\"DSA\", value:\"4895\");\n script_xref(name:\"IAVA\", value:\"2021-A-0185-S\");\n\n script_name(english:\"Debian DSA-4895-1 : firefox-esr - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Multiple security issues have been found in the Mozilla Firefox web\nbrowser, which could potentially result in the execution of arbitrary\ncode, information disclosure, privilege escalation or spoofing.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/firefox-esr\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/firefox-esr\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2021/dsa-4895\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the firefox-esr packages.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 78.10.0esr-1~deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29946\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ach\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-af\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-all\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-an\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ar\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-as\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ast\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-az\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-be\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-bg\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-bn-bd\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-bn-in\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-br\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-bs\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ca\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-cak\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-cs\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-cy\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-da\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-de\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-dsb\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-el\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-en-gb\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-en-za\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-eo\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-es-ar\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-es-cl\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-es-es\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-es-mx\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-et\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-eu\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-fa\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ff\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-fi\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-fr\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-fy-nl\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ga-ie\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-gd\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-gl\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-gn\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-gu-in\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-he\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-hi-in\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-hr\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-hsb\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-hu\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-hy-am\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ia\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-id\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-is\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-it\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ja\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ka\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-kab\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-kk\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-km\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-kn\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ko\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-lij\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-lt\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-lv\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-mai\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-mk\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ml\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-mr\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ms\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-my\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-nb-no\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ne-np\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-nl\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-nn-no\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-oc\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-or\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-pa-in\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-pl\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-pt-br\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-pt-pt\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-rm\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ro\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ru\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-si\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-sk\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-sl\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-son\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-sq\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-sr\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-sv-se\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ta\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-te\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-th\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-tr\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-uk\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-ur\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-uz\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-vi\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-xh\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-zh-cn\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firefox-esr-l10n-zh-tw\", reference:\"78.10.0esr-1~deb10u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T15:08:15", "description": "This update for MozillaFirefox fixes the following issues :\n\nFirefox was updated to 78.10.0 ESR (bsc#1184960)\n\n - CVE-2021-23994: Out of bound write due to lazy initialization\n\n - CVE-2021-23995: Use-after-free in Responsive Design Mode\n\n - CVE-2021-23998: Secure Lock icon could have been spoofed\n\n - CVE-2021-23961: More internal network hosts could have been probed by a malicious webpage\n\n - CVE-2021-23999: Blob URLs may have been granted additional privileges\n\n - CVE-2021-24002: Arbitrary FTP command execution on FTP servers using an encoded URL\n\n - CVE-2021-29945: Incorrect size computation in WebAssembly JIT could lead to null-reads\n\n - CVE-2021-29946: Port blocking could be bypassed\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-04-27T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2021:1307-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:mozillafirefox", "p-cpe:/a:novell:suse_linux:mozillafirefox-debuginfo", "p-cpe:/a:novell:suse_linux:mozillafirefox-debugsource", "p-cpe:/a:novell:suse_linux:mozillafirefox-devel", "p-cpe:/a:novell:suse_linux:mozillafirefox-translations-common", "p-cpe:/a:novell:suse_linux:mozillafirefox-translations-other", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-1307-1.NASL", "href": "https://www.tenable.com/plugins/nessus/149006", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:1307-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149006);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2021-23961\",\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24002\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\"\n );\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2021:1307-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for MozillaFirefox fixes the following issues :\n\nFirefox was updated to 78.10.0 ESR (bsc#1184960)\n\n - CVE-2021-23994: Out of bound write due to lazy\n initialization\n\n - CVE-2021-23995: Use-after-free in Responsive Design Mode\n\n - CVE-2021-23998: Secure Lock icon could have been spoofed\n\n - CVE-2021-23961: More internal network hosts could have\n been probed by a malicious webpage\n\n - CVE-2021-23999: Blob URLs may have been granted\n additional privileges\n\n - CVE-2021-24002: Arbitrary FTP command execution on FTP\n servers using an encoded URL\n\n - CVE-2021-29945: Incorrect size computation in\n WebAssembly JIT could lead to null-reads\n\n - CVE-2021-29946: Port blocking could be bypassed\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1184960\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23961/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23994/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23995/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23998/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23999/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-24002/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-29945/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-29946/\");\n # https://www.suse.com/support/update/announcement/2021/suse-su-20211307-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d089d0b1\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Desktop Applications 15-SP3 :\n\nzypper in -t patch\nSUSE-SLE-Module-Desktop-Applications-15-SP3-2021-1307=1\n\nSUSE Linux Enterprise Module for Desktop Applications 15-SP2 :\n\nzypper in -t patch\nSUSE-SLE-Module-Desktop-Applications-15-SP2-2021-1307=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29946\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP2/3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP2/3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"3\", cpu:\"x86_64\", reference:\"MozillaFirefox-devel-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"MozillaFirefox-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"MozillaFirefox-debuginfo-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"MozillaFirefox-debugsource-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"MozillaFirefox-translations-common-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"MozillaFirefox-translations-other-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"MozillaFirefox-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"MozillaFirefox-debuginfo-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"MozillaFirefox-debugsource-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"MozillaFirefox-devel-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"MozillaFirefox-translations-common-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"MozillaFirefox-translations-other-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", cpu:\"x86_64\", reference:\"MozillaFirefox-devel-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"MozillaFirefox-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"MozillaFirefox-debuginfo-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"MozillaFirefox-debugsource-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"MozillaFirefox-translations-common-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"MozillaFirefox-translations-other-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"MozillaFirefox-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"MozillaFirefox-debuginfo-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"MozillaFirefox-debugsource-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"MozillaFirefox-devel-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"MozillaFirefox-translations-common-78.10.0-8.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"MozillaFirefox-translations-other-78.10.0-8.38.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaFirefox\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:27:50", "description": "Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, privilege escalation or spoofing.\n\nFor Debian 9 stretch, these problems have been fixed in version 78.10.0esr-1~deb9u1.\n\nWe recommend that you upgrade your firefox-esr packages.\n\nFor the detailed security status of firefox-esr please refer to its security tracker page at:\nhttps://security-tracker.debian.org/tracker/firefox-esr\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-04-27T00:00:00", "type": "nessus", "title": "Debian DLA-2633-1 : firefox-esr security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946"], "modified": "2021-06-29T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:firefox-esr", "p-cpe:/a:debian:debian_linux:firefox-esr-dev", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ach", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-af", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-all", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-an", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ar", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-as", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ast", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-az", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bg", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-br", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bs", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cak", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cs", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cy", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-da", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-de", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-dsb", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-el", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-gb", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-za", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eo", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-ar", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-cl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-es", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-mx", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-et", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eu", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fa", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ff", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fi", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gd", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gu-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-he", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hi-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ja", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ka", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kab", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hsb", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-km", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hu", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ko", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lij", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hy-am", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lt", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lv", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-id", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mai", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-is", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-it", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ml", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ms", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nb-no", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nn-no", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-or", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pa-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-br", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-rm", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ro", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ru", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-si", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-son", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sq", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sv-se", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ta", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-te", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-th", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uz", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-vi", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-xh", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:iceweasel", "p-cpe:/a:debian:debian_linux:iceweasel-dev", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ach", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-af", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-all", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-an", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ar", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-as", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ast", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-az", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bg", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-br", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bs", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-cak", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-cs", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-cy", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-da", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-de", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-dsb", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-el", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-gb", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-za", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-eo", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-ar", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-cl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-es", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-mx", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-et", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-eu", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fa", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ff", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fi", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gd", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gu-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-he", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hi-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hsb", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hu", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hy-am", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-id", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-is", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-it", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ja", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ka", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-kab", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-kk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-km", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-kn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ko", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-lij", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-lt", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-lv", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-mai", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-mk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ml", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-mr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ms", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-nb-no", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-nl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-nn-no", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-or", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pa-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-br", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-rm", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ro", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ru", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-si", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-son", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sq", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sv-se", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ta", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-te", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-th", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-vi", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-tr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-xh", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-uk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-uz", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-tw", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2633.NASL", "href": "https://www.tenable.com/plugins/nessus/149008", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2633-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(149008);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/29\");\n\n script_cve_id(\"CVE-2021-23961\", \"CVE-2021-23994\", \"CVE-2021-23995\", \"CVE-2021-23998\", \"CVE-2021-23999\", \"CVE-2021-24002\", \"CVE-2021-29945\", \"CVE-2021-29946\");\n\n script_name(english:\"Debian DLA-2633-1 : firefox-esr security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Multiple security issues have been found in the Mozilla Firefox web\nbrowser, which could potentially result in the execution of arbitrary\ncode, information disclosure, privilege escalation or spoofing.\n\nFor Debian 9 stretch, these problems have been fixed in version\n78.10.0esr-1~deb9u1.\n\nWe recommend that you upgrade your firefox-esr packages.\n\nFor the detailed security status of firefox-esr please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/firefox-esr\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2021/04/msg00020.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/firefox-esr\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/firefox-esr\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29946\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ach\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-an\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-as\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-az\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-za\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-cl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-mx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gu-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hi-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lij\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mai\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-or\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-son\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-xh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ach\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-an\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-as\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-az\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-cak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-za\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-cl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-mx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gu-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hi-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-lij\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-mai\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-or\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-son\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-xh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-dev\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-ach\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-af\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-all\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-an\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-ar\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-as\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-ast\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-az\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-bg\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-bn-bd\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-bn-in\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-br\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-bs\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-ca\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-cak\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-cs\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-cy\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-da\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-de\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-dsb\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-el\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-en-gb\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-en-za\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-eo\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-es-ar\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-es-cl\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-es-es\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-es-mx\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-et\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-eu\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-fa\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-ff\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-fi\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-fr\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-fy-nl\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-ga-ie\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-gd\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-gl\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-gn\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-gu-in\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-he\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-hi-in\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-hr\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-hsb\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-hu\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-hy-am\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-id\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-is\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-it\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-ja\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-ka\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-kab\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-kk\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-km\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-kn\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-ko\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-lij\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-lt\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-lv\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-mai\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-mk\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-ml\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-mr\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-ms\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-nb-no\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-nl\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-nn-no\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-or\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-pa-in\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-pl\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-pt-br\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-pt-pt\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-rm\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-ro\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-ru\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-si\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-sk\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-sl\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-son\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-sq\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-sr\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-sv-se\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-ta\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-te\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-th\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-tr\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-uk\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-uz\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-vi\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-xh\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-zh-cn\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"firefox-esr-l10n-zh-tw\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-dev\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-ach\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-af\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-all\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-an\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-ar\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-as\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-ast\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-az\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-bg\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-bn-bd\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-bn-in\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-br\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-bs\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-ca\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-cak\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-cs\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-cy\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-da\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-de\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-dsb\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-el\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-en-gb\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-en-za\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-eo\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-es-ar\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-es-cl\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-es-es\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-es-mx\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-et\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-eu\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-fa\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-ff\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-fi\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-fr\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-fy-nl\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-ga-ie\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-gd\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-gl\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-gn\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-gu-in\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-he\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-hi-in\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-hr\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-hsb\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-hu\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-hy-am\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-id\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-is\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-it\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-ja\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-ka\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-kab\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-kk\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-km\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-kn\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-ko\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-lij\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-lt\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-lv\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-mai\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-mk\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-ml\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-mr\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-ms\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-nb-no\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-nl\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-nn-no\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-or\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-pa-in\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-pl\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-pt-br\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-pt-pt\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-rm\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-ro\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-ru\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-si\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-sk\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-sl\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-son\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-sq\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-sr\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-sv-se\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-ta\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-te\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-th\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-tr\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-uk\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-uz\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-vi\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-xh\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-zh-cn\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceweasel-l10n-zh-tw\", reference:\"78.10.0esr-1~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:16:39", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:1360 advisory.\n\n - Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961)\n\n - Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994)\n\n - Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995)\n\n - Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998)\n\n - Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999)\n\n - Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002)\n\n - Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945)\n\n - Mozilla: Port blocking could be bypassed (CVE-2021-29946)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-04-26T00:00:00", "type": "nessus", "title": "RHEL 8 : firefox (RHSA-2021:1360)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.4", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:firefox"], "id": "REDHAT-RHSA-2021-1360.NASL", "href": "https://www.tenable.com/plugins/nessus/148993", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:1360. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148993);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2021-23961\",\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24002\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0051-S\");\n script_xref(name:\"RHSA\", value:\"2021:1360\");\n script_xref(name:\"IAVA\", value:\"2021-A-0185-S\");\n\n script_name(english:\"RHEL 8 : firefox (RHSA-2021:1360)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:1360 advisory.\n\n - Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961)\n\n - Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994)\n\n - Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995)\n\n - Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998)\n\n - Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999)\n\n - Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002)\n\n - Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945)\n\n - Mozilla: Port blocking could be bypassed (CVE-2021-29946)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23961\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23995\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23998\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23999\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-24002\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-29945\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-29946\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:1360\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951364\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951365\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951366\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951367\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951368\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951369\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951370\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951371\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29946\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(88, 190, 200, 281, 416, 476, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/appstream/debug',\n 'content/e4s/rhel8/8.4/aarch64/appstream/os',\n 'content/e4s/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/baseos/debug',\n 'content/e4s/rhel8/8.4/aarch64/baseos/os',\n 'content/e4s/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/appstream/debug',\n 'content/e4s/rhel8/8.4/s390x/appstream/os',\n 'content/e4s/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/baseos/debug',\n 'content/e4s/rhel8/8.4/s390x/baseos/os',\n 'content/e4s/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/nfv/debug',\n 'content/e4s/rhel8/8.4/x86_64/nfv/os',\n 'content/e4s/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/appstream/debug',\n 'content/eus/rhel8/8.4/aarch64/appstream/os',\n 'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/baseos/debug',\n 'content/eus/rhel8/8.4/aarch64/baseos/os',\n 'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.4/aarch64/highavailability/os',\n 'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.4/aarch64/supplementary/os',\n 'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.4/ppc64le/appstream/os',\n 'content/eus/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.4/ppc64le/baseos/os',\n 'content/eus/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap/os',\n 'content/eus/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/appstream/debug',\n 'content/eus/rhel8/8.4/s390x/appstream/os',\n 'content/eus/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/baseos/debug',\n 'content/eus/rhel8/8.4/s390x/baseos/os',\n 'content/eus/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/highavailability/debug',\n 'content/eus/rhel8/8.4/s390x/highavailability/os',\n 'content/eus/rhel8/8.4/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/sap/debug',\n 'content/eus/rhel8/8.4/s390x/sap/os',\n 'content/eus/rhel8/8.4/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/supplementary/debug',\n 'content/eus/rhel8/8.4/s390x/supplementary/os',\n 'content/eus/rhel8/8.4/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-78.10.0-1.el8_3', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-78.10.0-1.el8_3', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-78.10.0-1.el8_3', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:27:37", "description": "The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 78.10. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-15 advisory.\n\n - A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. (CVE-2021-23994)\n\n - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. (CVE-2021-23995)\n\n - Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. (CVE-2021-23998)\n\n - Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine.\n (CVE-2021-23961)\n\n - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. (CVE-2021-23999)\n\n - When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.\n (CVE-2021-24002)\n\n - The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. Note: This issue only affected x86-32 platforms. Other platforms are unaffected.\n (CVE-2021-29945)\n\n - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. (CVE-2021-29946)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-04-19T00:00:00", "type": "nessus", "title": "Mozilla Firefox ESR < 78.10", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946"], "modified": "2021-08-19T00:00:00", "cpe": ["cpe:/a:mozilla:firefox_esr"], "id": "MACOS_FIREFOX_78_10_ESR.NASL", "href": "https://www.tenable.com/plugins/nessus/148774", "sourceData": "## \n# (C) Tenable Network Security, Inc.\n# \n# The descriptive text and package checks in this plugin were\n# extracted from Mozilla Foundation Security Advisory mfsa2021-15.\n# The text itself is copyright (C) Mozilla Foundation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148774);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/19\");\n\n script_cve_id(\n \"CVE-2021-23961\",\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24002\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0185-S\");\n\n script_name(english:\"Mozilla Firefox ESR < 78.10\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS or Mac OS X host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 78.10. It is, therefore, affected\nby multiple vulnerabilities as referenced in the mfsa2021-15 advisory.\n\n - A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound\n write. (CVE-2021-23994)\n\n - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We\n presume that with enough effort this could have been exploited to run arbitrary code. (CVE-2021-23995)\n\n - Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon\n from an HTTPS page. (CVE-2021-23998)\n\n - Further techniques that built on the slipstream research combined with a malicious webpage could have\n exposed both an internal network's hosts as well as services running on the user's local machine.\n (CVE-2021-23961)\n\n - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System\n Principal and granted additional privileges that should not be granted to web content. (CVE-2021-23999)\n\n - When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would\n have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.\n (CVE-2021-24002)\n\n - The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and\n result in a crash. Note: This issue only affected x86-32 platforms. Other platforms are unaffected.\n (CVE-2021-29945)\n\n - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed\n port blocking restrictions when used in the Alt-Svc header. (CVE-2021-29946)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2021-15/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Firefox ESR version 78.10 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29946\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox_esr\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_firefox_installed.nasl\");\n script_require_keys(\"MacOSX/Firefox/Version\");\n\n exit(0);\n}\n\ninclude('mozilla_version.inc');\n\nkb_base = 'MacOSX/Firefox';\nget_kb_item_or_exit(kb_base+'/Installed');\n\nversion = get_kb_item_or_exit(kb_base+'/Version', exit_code:1);\npath = get_kb_item_or_exit(kb_base+'/Path', exit_code:1);\n\nis_esr = get_kb_item(kb_base+'/is_esr');\nif (isnull(is_esr)) audit(AUDIT_NOT_INST, 'Mozilla Firefox ESR');\n\nmozilla_check_version(version:version, path:path, product:'firefox', esr:TRUE, fix:'78.10', min:'78.0.0', severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:28:52", "description": "The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:1360 advisory.\n\n - Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961)\n\n - Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994)\n\n - Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995)\n\n - Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998)\n\n - Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999)\n\n - Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002)\n\n - Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945)\n\n - Mozilla: Port blocking could be bypassed (CVE-2021-29946)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-05-03T00:00:00", "type": "nessus", "title": "CentOS 8 : firefox (CESA-2021:1360)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946"], "modified": "2021-06-28T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:firefox"], "id": "CENTOS8_RHSA-2021-1360.NASL", "href": "https://www.tenable.com/plugins/nessus/149237", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2021:1360. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149237);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/28\");\n\n script_cve_id(\n \"CVE-2021-23961\",\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24002\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\"\n );\n script_xref(name:\"RHSA\", value:\"2021:1360\");\n\n script_name(english:\"CentOS 8 : firefox (CESA-2021:1360)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nCESA-2021:1360 advisory.\n\n - Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961)\n\n - Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994)\n\n - Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995)\n\n - Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998)\n\n - Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999)\n\n - Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002)\n\n - Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945)\n\n - Mozilla: Port blocking could be bypassed (CVE-2021-29946)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:1360\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29946\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:firefox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'firefox-78.10.0-1.el8_3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-78.10.0-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:27:51", "description": "This update for MozillaFirefox fixes the following issues :\n\nFirefox was updated to 78.10.0 ESR (bsc#1184960)\n\n - CVE-2021-23994: Out of bound write due to lazy initialization\n\n - CVE-2021-23995: Use-after-free in Responsive Design Mode\n\n - CVE-2021-23998: Secure Lock icon could have been spoofed\n\n - CVE-2021-23961: More internal network hosts could have been probed by a malicious webpage\n\n - CVE-2021-23999: Blob URLs may have been granted additional privileges\n\n - CVE-2021-24002: Arbitrary FTP command execution on FTP servers using an encoded URL\n\n - CVE-2021-29945: Incorrect size computation in WebAssembly JIT could lead to null-reads\n\n - CVE-2021-29946: Port blocking could be bypassed\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-04-28T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2021:1325-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:mozillafirefox", "p-cpe:/a:novell:suse_linux:mozillafirefox-debuginfo", "p-cpe:/a:novell:suse_linux:mozillafirefox-debugsource", "p-cpe:/a:novell:suse_linux:mozillafirefox-devel", "p-cpe:/a:novell:suse_linux:mozillafirefox-translations-common", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2021-1325-1.NASL", "href": "https://www.tenable.com/plugins/nessus/149035", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:1325-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149035);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2021-23961\",\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24002\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\"\n );\n\n script_name(english:\"SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2021:1325-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for MozillaFirefox fixes the following issues :\n\nFirefox was updated to 78.10.0 ESR (bsc#1184960)\n\n - CVE-2021-23994: Out of bound write due to lazy\n initialization\n\n - CVE-2021-23995: Use-after-free in Responsive Design Mode\n\n - CVE-2021-23998: Secure Lock icon could have been spoofed\n\n - CVE-2021-23961: More internal network hosts could have\n been probed by a malicious webpage\n\n - CVE-2021-23999: Blob URLs may have been granted\n additional privileges\n\n - CVE-2021-24002: Arbitrary FTP command execution on FTP\n servers using an encoded URL\n\n - CVE-2021-29945: Incorrect size computation in\n WebAssembly JIT could lead to null-reads\n\n - CVE-2021-29946: Port blocking could be bypassed\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1184960\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23961/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23994/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23995/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23998/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23999/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-24002/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-29945/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-29946/\");\n # https://www.suse.com/support/update/announcement/2021/suse-su-20211325-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?38c6bc64\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 9 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2021-1325=1\n\nSUSE OpenStack Cloud Crowbar 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2021-1325=1\n\nSUSE OpenStack Cloud 9 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-9-2021-1325=1\n\nSUSE OpenStack Cloud 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-8-2021-1325=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP5-2021-1325=1\n\nSUSE Linux Enterprise Server for SAP 12-SP4 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP4-2021-1325=1\n\nSUSE Linux Enterprise Server for SAP 12-SP3 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP3-2021-1325=1\n\nSUSE Linux Enterprise Server 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-1325=1\n\nSUSE Linux Enterprise Server 12-SP4-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2021-1325=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-2021-1325=1\n\nSUSE Linux Enterprise Server 12-SP3-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2021-1325=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS-SAP :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-LTSS-SAP-2021-1325=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS-ERICSSON :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-LTSS-ERICSSON-2021-1325=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2021-1325=1\n\nHPE Helion Openstack 8 :\n\nzypper in -t patch HPE-Helion-OpenStack-8-2021-1325=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29946\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4/5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"MozillaFirefox-78.10.0-112.57.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"MozillaFirefox-debuginfo-78.10.0-112.57.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"MozillaFirefox-debugsource-78.10.0-112.57.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"MozillaFirefox-devel-78.10.0-112.57.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"MozillaFirefox-translations-common-78.10.0-112.57.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"MozillaFirefox-78.10.0-112.57.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"MozillaFirefox-debuginfo-78.10.0-112.57.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"MozillaFirefox-debugsource-78.10.0-112.57.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"MozillaFirefox-devel-78.10.0-112.57.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"MozillaFirefox-translations-common-78.10.0-112.57.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"MozillaFirefox-78.10.0-112.57.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"MozillaFirefox-debuginfo-78.10.0-112.57.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"MozillaFirefox-debugsource-78.10.0-112.57.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"MozillaFirefox-devel-78.10.0-112.57.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"MozillaFirefox-translations-common-78.10.0-112.57.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"MozillaFirefox-78.10.0-112.57.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"MozillaFirefox-debuginfo-78.10.0-112.57.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"MozillaFirefox-debugsource-78.10.0-112.57.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"MozillaFirefox-devel-78.10.0-112.57.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"MozillaFirefox-translations-common-78.10.0-112.57.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaFirefox\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T15:07:24", "description": "This update for MozillaFirefox fixes the following issues :\n\nMozilla Firefox was updated to 78.10.0 ESR (bsc#1184960)\n\n - CVE-2021-23994: Out of bound write due to lazy initialization\n\n - CVE-2021-23995: Use-after-free in Responsive Design Mode\n\n - CVE-2021-23998: Secure Lock icon could have been spoofed\n\n - CVE-2021-23961: More internal network hosts could have been probed by a malicious webpage\n\n - CVE-2021-23999: Blob URLs may have been granted additional privileges\n\n - CVE-2021-24002: Arbitrary FTP command execution on FTP servers using an encoded URL\n\n - CVE-2021-29945: Incorrect size computation in WebAssembly JIT could lead to null-reads\n\n - CVE-2021-29946: Port blocking could be bypassed\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-04-30T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2021:1433-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:mozillafirefox", "p-cpe:/a:novell:suse_linux:mozillafirefox-debuginfo", "p-cpe:/a:novell:suse_linux:mozillafirefox-debugsource", "p-cpe:/a:novell:suse_linux:mozillafirefox-devel", "p-cpe:/a:novell:suse_linux:mozillafirefox-translations-common", "p-cpe:/a:novell:suse_linux:mozillafirefox-translations-other", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-1433-1.NASL", "href": "https://www.tenable.com/plugins/nessus/149180", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:1433-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149180);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2021-23961\",\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24002\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\"\n );\n\n script_name(english:\"SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2021:1433-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for MozillaFirefox fixes the following issues :\n\nMozilla Firefox was updated to 78.10.0 ESR (bsc#1184960)\n\n - CVE-2021-23994: Out of bound write due to lazy\n initialization\n\n - CVE-2021-23995: Use-after-free in Responsive Design Mode\n\n - CVE-2021-23998: Secure Lock icon could have been spoofed\n\n - CVE-2021-23961: More internal network hosts could have\n been probed by a malicious webpage\n\n - CVE-2021-23999: Blob URLs may have been granted\n additional privileges\n\n - CVE-2021-24002: Arbitrary FTP command execution on FTP\n servers using an encoded URL\n\n - CVE-2021-29945: Incorrect size computation in\n WebAssembly JIT could lead to null-reads\n\n - CVE-2021-29946: Port blocking could be bypassed\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1184960\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23961/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23994/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23995/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23998/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23999/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-24002/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-29945/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-29946/\");\n # https://www.suse.com/support/update/announcement/2021/suse-su-20211433-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?33751ca5\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Manager Server 4.0 :\n\nzypper in -t patch\nSUSE-SLE-Product-SUSE-Manager-Server-4.0-2021-1433=1\n\nSUSE Manager Retail Branch Server 4.0 :\n\nzypper in -t patch\nSUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.0-2021-1433=1\n\nSUSE Manager Proxy 4.0 :\n\nzypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.0-2021-1433=1\n\nSUSE Linux Enterprise Server for SAP 15-SP1 :\n\nzypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2021-1433=1\n\nSUSE Linux Enterprise Server for SAP 15 :\n\nzypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2021-1433=1\n\nSUSE Linux Enterprise Server 15-SP1-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2021-1433=1\n\nSUSE Linux Enterprise Server 15-SP1-BCL :\n\nzypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2021-1433=1\n\nSUSE Linux Enterprise Server 15-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-SLES-15-2021-1433=1\n\nSUSE Linux Enterprise High Performance Computing 15-SP1-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2021-1433=1\n\nSUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2021-1433=1\n\nSUSE Linux Enterprise High Performance Computing 15-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-2021-1433=1\n\nSUSE Linux Enterprise High Performance Computing 15-ESPOS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-2021-1433=1\n\nSUSE Enterprise Storage 6 :\n\nzypper in -t patch SUSE-Storage-6-2021-1433=1\n\nSUSE CaaS Platform 4.0 :\n\nTo install this update, use the SUSE CaaS Platform 'skuba' tool. I\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29946\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"MozillaFirefox-78.10.0-3.139.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"MozillaFirefox-debuginfo-78.10.0-3.139.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"MozillaFirefox-debugsource-78.10.0-3.139.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"MozillaFirefox-devel-78.10.0-3.139.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"MozillaFirefox-translations-common-78.10.0-3.139.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"MozillaFirefox-translations-other-78.10.0-3.139.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"MozillaFirefox-78.10.0-3.139.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"MozillaFirefox-debuginfo-78.10.0-3.139.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"MozillaFirefox-debugsource-78.10.0-3.139.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"MozillaFirefox-devel-78.10.0-3.139.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"MozillaFirefox-translations-common-78.10.0-3.139.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"MozillaFirefox-translations-other-78.10.0-3.139.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaFirefox\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:28:03", "description": "The version of Firefox ESR installed on the remote Windows host is prior to 78.10. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-15 advisory.\n\n - A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. (CVE-2021-23994)\n\n - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. (CVE-2021-23995)\n\n - Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. (CVE-2021-23998)\n\n - Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine.\n (CVE-2021-23961)\n\n - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. (CVE-2021-23999)\n\n - When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.\n (CVE-2021-24002)\n\n - The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. Note: This issue only affected x86-32 platforms. Other platforms are unaffected.\n (CVE-2021-29945)\n\n - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. (CVE-2021-29946)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-04-19T00:00:00", "type": "nessus", "title": "Mozilla Firefox ESR < 78.10", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946"], "modified": "2021-08-19T00:00:00", "cpe": ["cpe:/a:mozilla:firefox_esr"], "id": "MOZILLA_FIREFOX_78_10_ESR.NASL", "href": "https://www.tenable.com/plugins/nessus/148775", "sourceData": "## \n# (C) Tenable Network Security, Inc.\n# \n# The descriptive text and package checks in this plugin were\n# extracted from Mozilla Foundation Security Advisory mfsa2021-15.\n# The text itself is copyright (C) Mozilla Foundation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148775);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/19\");\n\n script_cve_id(\n \"CVE-2021-23961\",\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24002\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0185-S\");\n\n script_name(english:\"Mozilla Firefox ESR < 78.10\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox ESR installed on the remote Windows host is prior to 78.10. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the mfsa2021-15 advisory.\n\n - A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound\n write. (CVE-2021-23994)\n\n - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We\n presume that with enough effort this could have been exploited to run arbitrary code. (CVE-2021-23995)\n\n - Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon\n from an HTTPS page. (CVE-2021-23998)\n\n - Further techniques that built on the slipstream research combined with a malicious webpage could have\n exposed both an internal network's hosts as well as services running on the user's local machine.\n (CVE-2021-23961)\n\n - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System\n Principal and granted additional privileges that should not be granted to web content. (CVE-2021-23999)\n\n - When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would\n have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.\n (CVE-2021-24002)\n\n - The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and\n result in a crash. Note: This issue only affected x86-32 platforms. Other platforms are unaffected.\n (CVE-2021-29945)\n\n - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed\n port blocking restrictions when used in the Alt-Svc header. (CVE-2021-29946)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2021-15/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Firefox ESR version 78.10 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29946\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox_esr\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Firefox/Version\");\n\n exit(0);\n}\n\ninclude('mozilla_version.inc');\n\nport = get_kb_item('SMB/transport');\nif (!port) port = 445;\n\ninstalls = get_kb_list('SMB/Mozilla/Firefox/*');\nif (isnull(installs)) audit(AUDIT_NOT_INST, 'Firefox');\n\nmozilla_check_version(installs:installs, product:'firefox', esr:TRUE, fix:'78.10', min:'78.0.0', severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:27:04", "description": "The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-1363 advisory.\n\n - Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox < 85. (CVE-2021-23961)\n\n - A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. (CVE-2021-23994)\n\n - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. (CVE-2021-23995)\n\n - Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. (CVE-2021-23998)\n\n - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. (CVE-2021-23999)\n\n - When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.\n (CVE-2021-24002)\n\n - The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. Note: This issue only affected x86-32 platforms. Other platforms are unaffected.\n (CVE-2021-29945)\n\n - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. (CVE-2021-29946)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-04-27T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : firefox (ELSA-2021-1363)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946"], "modified": "2021-06-28T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:firefox"], "id": "ORACLELINUX_ELSA-2021-1363.NASL", "href": "https://www.tenable.com/plugins/nessus/149001", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2021-1363.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149001);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/28\");\n\n script_cve_id(\n \"CVE-2021-23961\",\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24002\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\"\n );\n\n script_name(english:\"Oracle Linux 7 : firefox (ELSA-2021-1363)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2021-1363 advisory.\n\n - Further techniques that built on the slipstream research combined with a malicious webpage could have\n exposed both an internal network's hosts as well as services running on the user's local machine. This\n vulnerability affects Firefox < 85. (CVE-2021-23961)\n\n - A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound\n write. (CVE-2021-23994)\n\n - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We\n presume that with enough effort this could have been exploited to run arbitrary code. (CVE-2021-23995)\n\n - Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon\n from an HTTPS page. (CVE-2021-23998)\n\n - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System\n Principal and granted additional privileges that should not be granted to web content. (CVE-2021-23999)\n\n - When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would\n have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.\n (CVE-2021-24002)\n\n - The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and\n result in a crash. Note: This issue only affected x86-32 platforms. Other platforms are unaffected.\n (CVE-2021-29945)\n\n - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed\n port blocking restrictions when used in the Alt-Svc header. (CVE-2021-29946)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2021-1363.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29946\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:firefox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\npkgs = [\n {'reference':'firefox-78.10.0-1.0.1.el7_9', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-78.10.0-1.0.1.el7_9', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-78.10.0-1.0.1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n rpm_prefix = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['rpm_prefix'])) rpm_prefix = package_array['rpm_prefix'];\n if (reference && release) {\n if (rpm_prefix) {\n if (rpm_exists(release:release, rpm:rpm_prefix) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:16:11", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:1361 advisory.\n\n - Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961)\n\n - Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994)\n\n - Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995)\n\n - Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998)\n\n - Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999)\n\n - Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002)\n\n - Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945)\n\n - Mozilla: Port blocking could be bypassed (CVE-2021-29946)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-04-26T00:00:00", "type": "nessus", "title": "RHEL 8 : firefox (RHSA-2021:1361)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/o:redhat:rhel_tus:8.2", "p-cpe:/a:redhat:enterprise_linux:firefox"], "id": "REDHAT-RHSA-2021-1361.NASL", "href": "https://www.tenable.com/plugins/nessus/148989", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:1361. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148989);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2021-23961\",\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24002\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0051-S\");\n script_xref(name:\"RHSA\", value:\"2021:1361\");\n script_xref(name:\"IAVA\", value:\"2021-A-0185-S\");\n\n script_name(english:\"RHEL 8 : firefox (RHSA-2021:1361)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:1361 advisory.\n\n - Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961)\n\n - Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994)\n\n - Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995)\n\n - Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998)\n\n - Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999)\n\n - Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002)\n\n - Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945)\n\n - Mozilla: Port blocking could be bypassed (CVE-2021-29946)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23961\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23995\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23998\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23999\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-24002\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-29945\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-29946\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:1361\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951364\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951365\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951366\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951367\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951368\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951369\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951370\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951371\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29946\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(88, 190, 200, 281, 416, 476, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.2')) audit(AUDIT_OS_NOT, 'Red Hat 8.2', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.2/x86_64/appstream/debug',\n 'content/aus/rhel8/8.2/x86_64/appstream/os',\n 'content/aus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.2/x86_64/baseos/debug',\n 'content/aus/rhel8/8.2/x86_64/baseos/os',\n 'content/aus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.2/x86_64/appstream/os',\n 'content/e4s/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.2/x86_64/baseos/os',\n 'content/e4s/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap/os',\n 'content/e4s/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/appstream/debug',\n 'content/eus/rhel8/8.2/aarch64/appstream/os',\n 'content/eus/rhel8/8.2/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/baseos/debug',\n 'content/eus/rhel8/8.2/aarch64/baseos/os',\n 'content/eus/rhel8/8.2/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.2/aarch64/highavailability/os',\n 'content/eus/rhel8/8.2/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.2/aarch64/supplementary/os',\n 'content/eus/rhel8/8.2/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.2/ppc64le/appstream/os',\n 'content/eus/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.2/ppc64le/baseos/os',\n 'content/eus/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap/os',\n 'content/eus/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/appstream/debug',\n 'content/eus/rhel8/8.2/s390x/appstream/os',\n 'content/eus/rhel8/8.2/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/baseos/debug',\n 'content/eus/rhel8/8.2/s390x/baseos/os',\n 'content/eus/rhel8/8.2/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/highavailability/debug',\n 'content/eus/rhel8/8.2/s390x/highavailability/os',\n 'content/eus/rhel8/8.2/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/sap/debug',\n 'content/eus/rhel8/8.2/s390x/sap/os',\n 'content/eus/rhel8/8.2/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/supplementary/debug',\n 'content/eus/rhel8/8.2/s390x/supplementary/os',\n 'content/eus/rhel8/8.2/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/appstream/debug',\n 'content/eus/rhel8/8.2/x86_64/appstream/os',\n 'content/eus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/baseos/debug',\n 'content/eus/rhel8/8.2/x86_64/baseos/os',\n 'content/eus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.2/x86_64/highavailability/os',\n 'content/eus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap/debug',\n 'content/eus/rhel8/8.2/x86_64/sap/os',\n 'content/eus/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.2/x86_64/supplementary/os',\n 'content/eus/rhel8/8.2/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/appstream/debug',\n 'content/tus/rhel8/8.2/x86_64/appstream/os',\n 'content/tus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/baseos/debug',\n 'content/tus/rhel8/8.2/x86_64/baseos/os',\n 'content/tus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.2/x86_64/highavailability/os',\n 'content/tus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/nfv/debug',\n 'content/tus/rhel8/8.2/x86_64/nfv/os',\n 'content/tus/rhel8/8.2/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/rt/debug',\n 'content/tus/rhel8/8.2/x86_64/rt/os',\n 'content/tus/rhel8/8.2/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-78.10.0-1.el8_2', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T15:44:18", "description": "The remote NewStart CGSL host, running version MAIN 6.02, has firefox packages installed that are affected by multiple vulnerabilities:\n\n - Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox < 85. (CVE-2021-23961)\n\n - A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.\n (CVE-2021-23994)\n\n - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. (CVE-2021-23995)\n\n - Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.\n (CVE-2021-23998)\n\n - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. (CVE-2021-23999)\n\n - When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. (CVE-2021-24002)\n\n - The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. *Note: This issue only affected x86-32 platforms. Other platforms are unaffected.*.\n This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. (CVE-2021-29945)\n\n - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. (CVE-2021-29946)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-27T00:00:00", "type": "nessus", "title": "NewStart CGSL MAIN 6.02 : firefox Multiple Vulnerabilities (NS-SA-2021-0131)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946"], "modified": "2023-11-27T00:00:00", "cpe": ["p-cpe:/a:zte:cgsl_main:firefox", "cpe:/o:zte:cgsl_main:6"], "id": "NEWSTART_CGSL_NS-SA-2021-0131_FIREFOX.NASL", "href": "https://www.tenable.com/plugins/nessus/154502", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2021-0131. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154502);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/27\");\n\n script_cve_id(\n \"CVE-2021-23961\",\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24002\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0051-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0185-S\");\n\n script_name(english:\"NewStart CGSL MAIN 6.02 : firefox Multiple Vulnerabilities (NS-SA-2021-0131)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote NewStart CGSL host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 6.02, has firefox packages installed that are affected by multiple\nvulnerabilities:\n\n - Further techniques that built on the slipstream research combined with a malicious webpage could have\n exposed both an internal network's hosts as well as services running on the user's local machine. This\n vulnerability affects Firefox < 85. (CVE-2021-23961)\n\n - A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound\n write. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.\n (CVE-2021-23994)\n\n - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We\n presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability\n affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. (CVE-2021-23995)\n\n - Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon\n from an HTTPS page. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.\n (CVE-2021-23998)\n\n - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System\n Principal and granted additional privileges that should not be granted to web content. This vulnerability\n affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. (CVE-2021-23999)\n\n - When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would\n have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. This\n vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. (CVE-2021-24002)\n\n - The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and\n result in a crash. *Note: This issue only affected x86-32 platforms. Other platforms are unaffected.*.\n This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. (CVE-2021-29945)\n\n - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed\n port blocking restrictions when used in the Alt-Svc header. This vulnerability affects Firefox ESR <\n 78.10, Thunderbird < 78.10, and Firefox < 88. (CVE-2021-29946)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2021-0131\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-23961\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-23994\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-23995\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-23998\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-23999\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-24002\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-29945\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-29946\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL firefox packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29946\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_main:6\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL MAIN 6.02\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 6.02');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nvar flag = 0;\n\nvar pkgs = {\n 'CGSL MAIN 6.02': [\n 'firefox-78.10.0-1.el8_3'\n ]\n};\nvar pkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:16:49", "description": "The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:1363 advisory.\n\n - Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961)\n\n - Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994)\n\n - Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995)\n\n - Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998)\n\n - Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999)\n\n - Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002)\n\n - Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945)\n\n - Mozilla: Port blocking could be bypassed (CVE-2021-29946)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-04-26T00:00:00", "type": "nessus", "title": "RHEL 7 : firefox (RHSA-2021:1363)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:firefox"], "id": "REDHAT-RHSA-2021-1363.NASL", "href": "https://www.tenable.com/plugins/nessus/148990", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:1363. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148990);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2021-23961\",\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24002\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0051-S\");\n script_xref(name:\"RHSA\", value:\"2021:1363\");\n script_xref(name:\"IAVA\", value:\"2021-A-0185-S\");\n\n script_name(english:\"RHEL 7 : firefox (RHSA-2021:1363)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:1363 advisory.\n\n - Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961)\n\n - Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994)\n\n - Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995)\n\n - Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998)\n\n - Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999)\n\n - Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002)\n\n - Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945)\n\n - Mozilla: Port blocking could be bypassed (CVE-2021-29946)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23961\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23995\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23998\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23999\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-24002\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-29945\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-29946\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:1363\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951364\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951365\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951366\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951367\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951368\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951369\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951370\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951371\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29946\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(88, 190, 200, 281, 416, 476, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/debug',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/os',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/os',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/os',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/os',\n 'content/fastrack/rhel/power/7/ppc64/optional/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/os',\n 'content/fastrack/rhel/power/7/ppc64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/os',\n 'content/fastrack/rhel/system-z/7/s390x/optional/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/os',\n 'content/fastrack/rhel/system-z/7/s390x/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-78.10.0-1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:16:50", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:1362 advisory.\n\n - Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961)\n\n - Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994)\n\n - Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995)\n\n - Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998)\n\n - Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999)\n\n - Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002)\n\n - Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945)\n\n - Mozilla: Port blocking could be bypassed (CVE-2021-29946)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-04-26T00:00:00", "type": "nessus", "title": "RHEL 8 : firefox (RHSA-2021:1362)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:rhel_e4s:8.1", "cpe:/o:redhat:rhel_eus:8.1", "p-cpe:/a:redhat:enterprise_linux:firefox"], "id": "REDHAT-RHSA-2021-1362.NASL", "href": "https://www.tenable.com/plugins/nessus/148988", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:1362. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148988);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2021-23961\",\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24002\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0051-S\");\n script_xref(name:\"RHSA\", value:\"2021:1362\");\n script_xref(name:\"IAVA\", value:\"2021-A-0185-S\");\n\n script_name(english:\"RHEL 8 : firefox (RHSA-2021:1362)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:1362 advisory.\n\n - Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961)\n\n - Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994)\n\n - Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995)\n\n - Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998)\n\n - Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999)\n\n - Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002)\n\n - Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945)\n\n - Mozilla: Port blocking could be bypassed (CVE-2021-29946)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23961\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23995\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23998\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23999\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-24002\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-29945\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-29946\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:1362\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951364\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951365\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951366\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951367\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951368\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951369\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951370\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951371\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29946\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(88, 190, 200, 281, 416, 476, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.1')) audit(AUDIT_OS_NOT, 'Red Hat 8.1', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel8/8.1/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap/os',\n 'content/e4s/rhel8/8.1/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.1/x86_64/appstream/os',\n 'content/e4s/rhel8/8.1/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.1/x86_64/baseos/os',\n 'content/e4s/rhel8/8.1/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap/os',\n 'content/e4s/rhel8/8.1/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.1/aarch64/appstream/debug',\n 'content/eus/rhel8/8.1/aarch64/appstream/os',\n 'content/eus/rhel8/8.1/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.1/aarch64/baseos/debug',\n 'content/eus/rhel8/8.1/aarch64/baseos/os',\n 'content/eus/rhel8/8.1/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.1/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.1/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.1/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.1/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.1/aarch64/highavailability/os',\n 'content/eus/rhel8/8.1/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.1/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.1/aarch64/supplementary/os',\n 'content/eus/rhel8/8.1/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.1/ppc64le/appstream/os',\n 'content/eus/rhel8/8.1/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.1/ppc64le/baseos/os',\n 'content/eus/rhel8/8.1/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.1/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.1/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.1/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.1/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.1/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.1/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.1/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.1/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/sap/debug',\n 'content/eus/rhel8/8.1/ppc64le/sap/os',\n 'content/eus/rhel8/8.1/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.1/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.1/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.1/s390x/appstream/debug',\n 'content/eus/rhel8/8.1/s390x/appstream/os',\n 'content/eus/rhel8/8.1/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.1/s390x/baseos/debug',\n 'content/eus/rhel8/8.1/s390x/baseos/os',\n 'content/eus/rhel8/8.1/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.1/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.1/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.1/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.1/s390x/highavailability/debug',\n 'content/eus/rhel8/8.1/s390x/highavailability/os',\n 'content/eus/rhel8/8.1/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.1/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.1/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.1/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.1/s390x/sap/debug',\n 'content/eus/rhel8/8.1/s390x/sap/os',\n 'content/eus/rhel8/8.1/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.1/s390x/supplementary/debug',\n 'content/eus/rhel8/8.1/s390x/supplementary/os',\n 'content/eus/rhel8/8.1/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/appstream/debug',\n 'content/eus/rhel8/8.1/x86_64/appstream/os',\n 'content/eus/rhel8/8.1/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/baseos/debug',\n 'content/eus/rhel8/8.1/x86_64/baseos/os',\n 'content/eus/rhel8/8.1/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.1/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.1/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.1/x86_64/highavailability/os',\n 'content/eus/rhel8/8.1/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.1/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.1/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.1/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.1/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/sap/debug',\n 'content/eus/rhel8/8.1/x86_64/sap/os',\n 'content/eus/rhel8/8.1/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.1/x86_64/supplementary/os',\n 'content/eus/rhel8/8.1/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-78.10.0-1.el8_1', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:27:50", "description": "The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-1360 advisory.\n\n - Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox < 85. (CVE-2021-23961)\n\n - A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. (CVE-2021-23994)\n\n - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. (CVE-2021-23995)\n\n - Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. (CVE-2021-23998)\n\n - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. (CVE-2021-23999)\n\n - When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.\n (CVE-2021-24002)\n\n - The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. Note: This issue only affected x86-32 platforms. Other platforms are unaffected.\n (CVE-2021-29945)\n\n - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. (CVE-2021-29946)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-04-27T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : firefox (ELSA-2021-1360)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946"], "modified": "2021-06-28T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:firefox"], "id": "ORACLELINUX_ELSA-2021-1360.NASL", "href": "https://www.tenable.com/plugins/nessus/148999", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2021-1360.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148999);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/28\");\n\n script_cve_id(\n \"CVE-2021-23961\",\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24002\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\"\n );\n\n script_name(english:\"Oracle Linux 8 : firefox (ELSA-2021-1360)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2021-1360 advisory.\n\n - Further techniques that built on the slipstream research combined with a malicious webpage could have\n exposed both an internal network's hosts as well as services running on the user's local machine. This\n vulnerability affects Firefox < 85. (CVE-2021-23961)\n\n - A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound\n write. (CVE-2021-23994)\n\n - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We\n presume that with enough effort this could have been exploited to run arbitrary code. (CVE-2021-23995)\n\n - Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon\n from an HTTPS page. (CVE-2021-23998)\n\n - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System\n Principal and granted additional privileges that should not be granted to web content. (CVE-2021-23999)\n\n - When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would\n have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.\n (CVE-2021-24002)\n\n - The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and\n result in a crash. Note: This issue only affected x86-32 platforms. Other platforms are unaffected.\n (CVE-2021-29945)\n\n - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed\n port blocking restrictions when used in the Alt-Svc header. (CVE-2021-29946)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2021-1360.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29946\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:firefox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\npkgs = [\n {'reference':'firefox-78.10.0-1.0.1.el8_3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-78.10.0-1.0.1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n rpm_prefix = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['rpm_prefix'])) rpm_prefix = package_array['rpm_prefix'];\n if (reference && release) {\n if (rpm_prefix) {\n if (rpm_exists(release:release, rpm:rpm_prefix) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:29:49", "description": "The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14708-1 advisory.\n\n - Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox < 85. (CVE-2021-23961)\n\n - A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. (CVE-2021-23994)\n\n - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. (CVE-2021-23995)\n\n - Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. (CVE-2021-23998)\n\n - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. (CVE-2021-23999)\n\n - When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.\n (CVE-2021-24002)\n\n - The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. Note: This issue only affected x86-32 platforms. Other platforms are unaffected.\n (CVE-2021-29945)\n\n - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. (CVE-2021-29946)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-06-10T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2021:14708-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946"], "modified": "2022-01-21T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:mozillafirefox", "p-cpe:/a:novell:suse_linux:mozillafirefox-translations-common", "p-cpe:/a:novell:suse_linux:mozillafirefox-translations-other", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2021-14708-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150617", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:14708-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150617);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/21\");\n\n script_cve_id(\n \"CVE-2021-23961\",\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24002\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:14708-1\");\n script_xref(name:\"IAVA\", value:\"2021-A-0051-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0185-S\");\n\n script_name(english:\"SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2021:14708-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2021:14708-1 advisory.\n\n - Further techniques that built on the slipstream research combined with a malicious webpage could have\n exposed both an internal network's hosts as well as services running on the user's local machine. This\n vulnerability affects Firefox < 85. (CVE-2021-23961)\n\n - A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound\n write. (CVE-2021-23994)\n\n - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We\n presume that with enough effort this could have been exploited to run arbitrary code. (CVE-2021-23995)\n\n - Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon\n from an HTTPS page. (CVE-2021-23998)\n\n - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System\n Principal and granted additional privileges that should not be granted to web content. (CVE-2021-23999)\n\n - When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would\n have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.\n (CVE-2021-24002)\n\n - The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and\n result in a crash. Note: This issue only affected x86-32 platforms. Other platforms are unaffected.\n (CVE-2021-29945)\n\n - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed\n port blocking restrictions when used in the Alt-Svc header. (CVE-2021-29946)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1184960\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-April/008691.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a0cfbc09\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23961\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23995\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23998\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23999\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-24002\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-29945\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-29946\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected MozillaFirefox, MozillaFirefox-translations-common and / or MozillaFirefox-translations-other\npackages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29946\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES11', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\npkgs = [\n {'reference':'MozillaFirefox-78.10.0-78.126', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'MozillaFirefox-translations-common-78.10.0-78.126', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'MozillaFirefox-translations-other-78.10.0-78.126', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'MozillaFirefox-78.10.0-78.126', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'MozillaFirefox-translations-common-78.10.0-78.126', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'MozillaFirefox-translations-other-78.10.0-78.126', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n exists_check = NULL;\n rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release && exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n else if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'MozillaFirefox / MozillaFirefox-translations-common / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T15:44:02", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has firefox packages installed that are affected by multiple vulnerabilities:\n\n - Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox < 85. (CVE-2021-23961)\n\n - A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.\n (CVE-2021-23994)\n\n - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. (CVE-2021-23995)\n\n - Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.\n (CVE-2021-23998)\n\n - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. (CVE-2021-23999)\n\n - When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. (CVE-2021-24002)\n\n - The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. *Note: This issue only affected x86-32 platforms. Other platforms are unaffected.*.\n This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. (CVE-2021-29945)\n\n - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. (CVE-2021-29946)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-28T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : firefox Multiple Vulnerabilities (NS-SA-2021-0107)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946"], "modified": "2023-11-27T00:00:00", "cpe": ["p-cpe:/a:zte:cgsl_core:firefox", "p-cpe:/a:zte:cgsl_core:firefox-debuginfo", "p-cpe:/a:zte:cgsl_main:firefox", "p-cpe:/a:zte:cgsl_main:firefox-debuginfo", "cpe:/o:zte:cgsl_core:5", "cpe:/o:zte:cgsl_main:5"], "id": "NEWSTART_CGSL_NS-SA-2021-0107_FIREFOX.NASL", "href": "https://www.tenable.com/plugins/nessus/154623", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2021-0107. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154623);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/27\");\n\n script_cve_id(\n \"CVE-2021-23961\",\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24002\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0051-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0185-S\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : firefox Multiple Vulnerabilities (NS-SA-2021-0107)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote NewStart CGSL host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has firefox packages installed that are affected\nby multiple vulnerabilities:\n\n - Further techniques that built on the slipstream research combined with a malicious webpage could have\n exposed both an internal network's hosts as well as services running on the user's local machine. This\n vulnerability affects Firefox < 85. (CVE-2021-23961)\n\n - A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound\n write. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.\n (CVE-2021-23994)\n\n - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We\n presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability\n affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. (CVE-2021-23995)\n\n - Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon\n from an HTTPS page. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.\n (CVE-2021-23998)\n\n - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System\n Principal and granted additional privileges that should not be granted to web content. This vulnerability\n affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. (CVE-2021-23999)\n\n - When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would\n have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. This\n vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. (CVE-2021-24002)\n\n - The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and\n result in a crash. *Note: This issue only affected x86-32 platforms. Other platforms are unaffected.*.\n This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. (CVE-2021-29945)\n\n - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed\n port blocking restrictions when used in the Alt-Svc header. This vulnerability affects Firefox ESR <\n 78.10, Thunderbird < 78.10, and Firefox < 88. (CVE-2021-29946)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2021-0107\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-23961\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-23994\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-23995\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-23998\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-23999\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-24002\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-29945\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-29946\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL firefox packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29946\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:firefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:firefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_core:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_main:5\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nvar flag = 0;\n\nvar pkgs = {\n 'CGSL CORE 5.04': [\n 'firefox-78.10.0-1.el7.centos',\n 'firefox-debuginfo-78.10.0-1.el7.centos'\n ],\n 'CGSL MAIN 5.04': [\n 'firefox-78.10.0-1.el7.centos',\n 'firefox-debuginfo-78.10.0-1.el7.centos'\n ]\n};\nvar pkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:29:13", "description": "This update for MozillaFirefox fixes the following issues :\n\n - Firefox was updated to 78.10.0 ESR (bsc#1184960)\n\n - CVE-2021-23994: Out of bound write due to lazy initialization\n\n - CVE-2021-23995: Use-after-free in Responsive Design Mode\n\n - CVE-2021-23998: Secure Lock icon could have been spoofed\n\n - CVE-2021-23961: More internal network hosts could have been probed by a malicious webpage\n\n - CVE-2021-23999: Blob URLs may have been granted additional privileges\n\n - CVE-2021-24002: Arbitrary FTP command execution on FTP servers using an encoded URL\n\n - CVE-2021-29945: Incorrect size computation in WebAssembly JIT could lead to null-reads\n\n - CVE-2021-29946: Port blocking could be bypassed\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.", "cvss3": {}, "published": "2021-05-18T00:00:00", "type": "nessus", "title": "openSUSE Security Update : MozillaFirefox (openSUSE-2021-621)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:mozillafirefox", "p-cpe:/a:novell:opensuse:mozillafirefox-branding-upstream", "p-cpe:/a:novell:opensuse:mozillafirefox-buildsymbols", "p-cpe:/a:novell:opensuse:mozillafirefox-debuginfo", "p-cpe:/a:novell:opensuse:mozillafirefox-debugsource", "p-cpe:/a:novell:opensuse:mozillafirefox-devel", "p-cpe:/a:novell:opensuse:mozillafirefox-translations-common", "p-cpe:/a:novell:opensuse:mozillafirefox-translations-other", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2021-621.NASL", "href": "https://www.tenable.com/plugins/nessus/149554", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2021-621.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149554);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2021-23961\",\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24002\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\"\n );\n\n script_name(english:\"openSUSE Security Update : MozillaFirefox (openSUSE-2021-621)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for MozillaFirefox fixes the following issues :\n\n - Firefox was updated to 78.10.0 ESR (bsc#1184960)\n\n - CVE-2021-23994: Out of bound write due to lazy\n initialization\n\n - CVE-2021-23995: Use-after-free in Responsive Design Mode\n\n - CVE-2021-23998: Secure Lock icon could have been spoofed\n\n - CVE-2021-23961: More internal network hosts could have\n been probed by a malicious webpage\n\n - CVE-2021-23999: Blob URLs may have been granted\n additional privileges\n\n - CVE-2021-24002: Arbitrary FTP command execution on FTP\n servers using an encoded URL\n\n - CVE-2021-29945: Incorrect size computation in\n WebAssembly JIT could lead to null-reads\n\n - CVE-2021-29946: Port blocking could be bypassed\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update\nproject.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1184960\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected MozillaFirefox packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29946\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"MozillaFirefox-78.10.0-lp152.2.55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"MozillaFirefox-branding-upstream-78.10.0-lp152.2.55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"MozillaFirefox-buildsymbols-78.10.0-lp152.2.55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"MozillaFirefox-debuginfo-78.10.0-lp152.2.55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"MozillaFirefox-debugsource-78.10.0-lp152.2.55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"MozillaFirefox-devel-78.10.0-lp152.2.55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"MozillaFirefox-translations-common-78.10.0-lp152.2.55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"MozillaFirefox-translations-other-78.10.0-lp152.2.55.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaFirefox / MozillaFirefox-branding-upstream / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:27:51", "description": "The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-1353 advisory.\n\n - Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox < 85. (CVE-2021-23961)\n\n - A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. (CVE-2021-23994)\n\n - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. (CVE-2021-23995)\n\n - Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. (CVE-2021-23998)\n\n - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. (CVE-2021-23999)\n\n - When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.\n (CVE-2021-24002)\n\n - The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. Note: This issue only affected x86-32 platforms. Other platforms are unaffected.\n (CVE-2021-29945)\n\n - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. (CVE-2021-29946)\n\n - Mozilla: Race condition when reading from disk while verifying signatures (CVE-2021-29948)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-04-27T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : thunderbird (ELSA-2021-1353)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946", "CVE-2021-29948"], "modified": "2021-06-28T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:thunderbird"], "id": "ORACLELINUX_ELSA-2021-1353.NASL", "href": "https://www.tenable.com/plugins/nessus/149021", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2021-1353.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149021);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/28\");\n\n script_cve_id(\n \"CVE-2021-23961\",\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24002\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\",\n \"CVE-2021-29948\"\n );\n\n script_name(english:\"Oracle Linux 8 : thunderbird (ELSA-2021-1353)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2021-1353 advisory.\n\n - Further techniques that built on the slipstream research combined with a malicious webpage could have\n exposed both an internal network's hosts as well as services running on the user's local machine. This\n vulnerability affects Firefox < 85. (CVE-2021-23961)\n\n - A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound\n write. (CVE-2021-23994)\n\n - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We\n presume that with enough effort this could have been exploited to run arbitrary code. (CVE-2021-23995)\n\n - Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon\n from an HTTPS page. (CVE-2021-23998)\n\n - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System\n Principal and granted additional privileges that should not be granted to web content. (CVE-2021-23999)\n\n - When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would\n have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.\n (CVE-2021-24002)\n\n - The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and\n result in a crash. Note: This issue only affected x86-32 platforms. Other platforms are unaffected.\n (CVE-2021-29945)\n\n - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed\n port blocking restrictions when used in the Alt-Svc header. (CVE-2021-29946)\n\n - Mozilla: Race condition when reading from disk while verifying signatures (CVE-2021-29948)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2021-1353.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29946\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\npkgs = [\n {'reference':'thunderbird-78.10.0-1.0.1.el8_3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-78.10.0-1.0.1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n rpm_prefix = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['rpm_prefix'])) rpm_prefix = package_array['rpm_prefix'];\n if (reference && release) {\n if (rpm_prefix) {\n if (rpm_exists(release:release, rpm:rpm_prefix) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T15:08:15", "description": "The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:1353 advisory.\n\n - Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961)\n\n - Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994)\n\n - Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995)\n\n - Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998)\n\n - Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999)\n\n - Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002)\n\n - Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945)\n\n - Mozilla: Port blocking could be bypassed (CVE-2021-29946)\n\n - Mozilla: Race condition when reading from disk while verifying signatures (CVE-2021-29948)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-04-27T00:00:00", "type": "nessus", "title": "CentOS 8 : thunderbird (CESA-2021:1353)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946", "CVE-2021-29948"], "modified": "2021-06-28T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:thunderbird"], "id": "CENTOS8_RHSA-2021-1353.NASL", "href": "https://www.tenable.com/plugins/nessus/149026", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2021:1353. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149026);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/28\");\n\n script_cve_id(\n \"CVE-2021-23961\",\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24002\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\",\n \"CVE-2021-29948\"\n );\n script_xref(name:\"RHSA\", value:\"2021:1353\");\n\n script_name(english:\"CentOS 8 : thunderbird (CESA-2021:1353)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nCESA-2021:1353 advisory.\n\n - Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961)\n\n - Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994)\n\n - Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995)\n\n - Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998)\n\n - Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999)\n\n - Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002)\n\n - Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945)\n\n - Mozilla: Port blocking could be bypassed (CVE-2021-29946)\n\n - Mozilla: Race condition when reading from disk while verifying signatures (CVE-2021-29948)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:1353\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29946\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'thunderbird-78.10.0-1.el8_3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-78.10.0-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:28:44", "description": "This update for MozillaThunderbird fixes the following issues :\n\n - Firefox was updated to 78.10.0 ESR (bsc#1184960)\n\n - CVE-2021-23994: Out of bound write due to lazy initialization\n\n - CVE-2021-23995: Use-after-free in Responsive Design Mode\n\n - CVE-2021-23998: Secure Lock icon could have been spoofed\n\n - CVE-2021-23961: More internal network hosts could have been probed by a malicious webpage\n\n - CVE-2021-23999: Blob URLs may have been granted additional privileges\n\n - CVE-2021-24002: Arbitrary FTP command execution on FTP servers using an encoded URL\n\n - CVE-2021-29945: Incorrect size computation in WebAssembly JIT could lead to null-reads\n\n - CVE-2021-29946: Port blocking could be bypassed&#9; \n\n - CVE-2021-29948: Race condition when reading from disk while verifying signatures\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.", "cvss3": {}, "published": "2021-05-18T00:00:00", "type": "nessus", "title": "openSUSE Security Update : MozillaThunderbird (openSUSE-2021-644)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946", "CVE-2021-29948"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:mozillathunderbird", "p-cpe:/a:novell:opensuse:mozillathunderbird-debuginfo", "p-cpe:/a:novell:opensuse:mozillathunderbird-debugsource", "p-cpe:/a:novell:opensuse:mozillathunderbird-translations-common", "p-cpe:/a:novell:opensuse:mozillathunderbird-translations-other", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2021-644.NASL", "href": "https://www.tenable.com/plugins/nessus/149577", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2021-644.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149577);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2021-23961\",\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24002\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\",\n \"CVE-2021-29948\"\n );\n\n script_name(english:\"openSUSE Security Update : MozillaThunderbird (openSUSE-2021-644)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for MozillaThunderbird fixes the following issues :\n\n - Firefox was updated to 78.10.0 ESR (bsc#1184960)\n\n - CVE-2021-23994: Out of bound write due to lazy\n initialization\n\n - CVE-2021-23995: Use-after-free in Responsive Design Mode\n\n - CVE-2021-23998: Secure Lock icon could have been spoofed\n\n - CVE-2021-23961: More internal network hosts could have\n been probed by a malicious webpage\n\n - CVE-2021-23999: Blob URLs may have been granted\n additional privileges\n\n - CVE-2021-24002: Arbitrary FTP command execution on FTP\n servers using an encoded URL\n\n - CVE-2021-29945: Incorrect size computation in\n WebAssembly JIT could lead to null-reads\n\n - CVE-2021-29946: Port blocking could be bypassed&#9; \n\n - CVE-2021-29948: Race condition when reading from disk\n while verifying signatures\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update\nproject.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1184960\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected MozillaThunderbird packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29946\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"MozillaThunderbird-78.10.0-lp152.2.41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"MozillaThunderbird-debuginfo-78.10.0-lp152.2.41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"MozillaThunderbird-debugsource-78.10.0-lp152.2.41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"MozillaThunderbird-translations-common-78.10.0-lp152.2.41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"MozillaThunderbird-translations-other-78.10.0-lp152.2.41.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaThunderbird / MozillaThunderbird-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:16:26", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:1352 advisory.\n\n - Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961)\n\n - Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994)\n\n - Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995)\n\n - Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998)\n\n - Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999)\n\n - Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002)\n\n - Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945)\n\n - Mozilla: Port blocking could be bypassed (CVE-2021-29946)\n\n - Mozilla: Race condition when reading from disk while verifying signatures (CVE-2021-29948)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-04-26T00:00:00", "type": "nessus", "title": "RHEL 8 : thunderbird (RHSA-2021:1352)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946", "CVE-2021-29948"], "modified": "2023-05-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:thunderbird", "cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/o:redhat:rhel_tus:8.2"], "id": "REDHAT-RHSA-2021-1352.NASL", "href": "https://www.tenable.com/plugins/nessus/148983", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:1352. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148983);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2021-23961\",\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24002\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\",\n \"CVE-2021-29948\"\n );\n script_xref(name:\"RHSA\", value:\"2021:1352\");\n script_xref(name:\"IAVA\", value:\"2021-A-0051-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0185-S\");\n\n script_name(english:\"RHEL 8 : thunderbird (RHSA-2021:1352)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:1352 advisory.\n\n - Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961)\n\n - Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994)\n\n - Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995)\n\n - Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998)\n\n - Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999)\n\n - Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002)\n\n - Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945)\n\n - Mozilla: Port blocking could be bypassed (CVE-2021-29946)\n\n - Mozilla: Race condition when reading from disk while verifying signatures (CVE-2021-29948)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23961\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23995\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23998\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23999\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-24002\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-29945\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-29946\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-29948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:1352\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951364\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951365\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951366\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951367\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951368\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951369\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951370\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951371\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1951381\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29946\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(88, 190, 200, 281, 367, 416, 476, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.2')) audit(AUDIT_OS_NOT, 'Red Hat 8.2', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.2/x86_64/appstream/debug',\n 'content/aus/rhel8/8.2/x86_64/appstream/os',\n 'content/aus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.2/x86_64/baseos/debug',\n 'content/aus/rhel8/8.2/x86_64/baseos/os',\n 'content/aus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.2/x86_64/appstream/os',\n 'content/e4s/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.2/x86_64/baseos/os',\n 'content/e4s/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap/os',\n 'content/e4s/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/appstream/debug',\n 'content/eus/rhel8/8.2/aarch64/appstream/os',\n 'content/eus/rhel8/8.2/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/baseos/debug',\n 'content/eus/rhel8/8.2/aarch64/baseos/os',\n 'content/eus/rhel8/8.2/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.2/aarch64/highavailability/os',\n 'content/eus/rhel8/8.2/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.2/aarch64/supplementary/os',\n 'content/eus/rhel8/8.2/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.2/ppc64le/appstream/os',\n 'content/eus/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.2/ppc64le/baseos/os',\n 'content/eus/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap/os',\n 'content/eus/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/appstream/debug',\n 'content/eus/rhel8/8.2/x86_64/appstream/os',\n 'content/eus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/baseos/debug',\n 'content/eus/rhel8/8.2/x86_64/baseos/os',\n 'content/eus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.2/x86_64/highavailability/os',\n 'content/eus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap/debug',\n 'content/eus/rhel8/8.2/x86_64/sap/os',\n 'content/eus/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.2/x86_64/supplementary/os',\n 'content/eus/rhel8/8.2/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/appstream/debug',\n 'content/tus/rhel8/8.2/x86_64/appstream/os',\n 'content/tus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/baseos/debug',\n 'content/tus/rhel8/8.2/x86_64/baseos/os',\n 'content/tus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.2/x86_64/highavailability/os',\n 'content/tus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/nfv/debug',\n 'content/tus/rhel8/8.2/x86_64/nfv/os',\n 'content/tus/rhel8/8.2/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/rt/debug',\n 'content/tus/rhel8/8.2/x86_64/rt/os',\n 'content/tus/rhel8/8.2/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'thunderbird-78.10.0-1.el8_2', 'sp':'2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-78.10.0-1.el8_2', 'sp':'2', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-78.10.0-1.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T15:08:14", "description": "The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-1350 advisory.\n\n - Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox < 85. (CVE-2021-23961)\n\n - A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. (CVE-2021-23994)\n\n - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. (CVE-2021-23995)\n\n - Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. (CVE-2021-23998)\n\n - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. (CVE-2021-23999)\n\n - When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.\n (CVE-2021-24002)\n\n - Mozilla: Race condition when reading from disk while verifying signatures (CVE-2021-29948)\n\n - The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. Note: This issue only affected x86-32 platforms. Other platforms are unaffected.\n (CVE-2021-29945)\n\n - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. (CVE-2021-29946)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-04-27T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : thunderbird (ELSA-2021-1350)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946", "CVE-2021-29948"], "modified": "2021-06-28T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:thunderbird"], "id": "ORACLELINUX_ELSA-2021-1350.NASL", "href": "https://www.tenable.com/plugins/nessus/148998", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2021-1350.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148998);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/28\");\n\n script_cve_id(\n \"CVE-2021-23961\",\n \"CVE-2021-23994\",\n \"CVE-2021-23995\",\n \"CVE-2021-23998\",\n \"CVE-2021-23999\",\n \"CVE-2021-24002\",\n \"CVE-2021-29945\",\n \"CVE-2021-29946\",\n \"CVE-2021-29948\"\n );\n\n script_name(english:\"Oracle Linux 7 : thunderbird (ELSA-2021-1350)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2021-1350 advisory.\n\n - Further techniques that built on the slipstream research combined with a malicious webpage could have\n exposed both an internal network's hosts as well as services running on the user's local machine. This\n vulnerability affects Firefox < 85. (CVE-2021-23961)\n\n - A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound\n write. (CVE-2021-23994)\n\n - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We\n presume that with enough effort this could have been exploited to run arbitrary code. (CVE-2021-23995)\n\n - Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon\n from an HTTPS page. (CVE-2021-23998)\n\n - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System\n Principal and granted additional privileges that should not be granted to web content. (CVE-2021-23999)\n\n - When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would\n have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.\n (CVE-2021-24002)\n\n - Mozilla: Race condition when reading from disk whil