rpm package
suse/MozillaFirefox&distro=SUSE Linux Enterprise Server 12 SP4-ESPOS
pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-ESPOS
Vulnerabilities (63)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-25728 | — | < 102.8.0-112.150.1 | 102.8.0-112.150.1 | Jun 2, 2023 | The Content-Security-Policy-Report-Only header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe triggers a redirect. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. | ||
| CVE-2023-1945 | — | < 102.10.0-112.156.1 | 102.10.0-112.156.1 | Jun 2, 2023 | Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 102.10 and Firefox ESR < 102.10. | ||
| CVE-2023-0767 | — | < 102.8.0-112.150.1 | 102.8.0-112.150.1 | Jun 2, 2023 | An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. |
- CVE-2023-25728Jun 2, 2023affected < 102.8.0-112.150.1fixed 102.8.0-112.150.1
The Content-Security-Policy-Report-Only header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe triggers a redirect. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
- CVE-2023-1945Jun 2, 2023affected < 102.10.0-112.156.1fixed 102.10.0-112.156.1
Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 102.10 and Firefox ESR < 102.10.
- CVE-2023-0767Jun 2, 2023affected < 102.8.0-112.150.1fixed 102.8.0-112.150.1
An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Page 4 of 4