Download
| Alert*
oval:org.secpod.oval:def:89049646
This update for MozillaFirefox to ESR 60.2 fixes several issues. These general changes are part of the version 60 release. - New browser engine with speed improvements - Redesigned graphical user interface elements - Unified address and search bar for new installations - New tab page listing top vis ... oval:org.secpod.oval:def:89002048 This update for MozillaFirefox to version ESR 52.9 fixes the following issues: - CVE-2018-5188: Various memory safety bugs - CVE-2018-12368: No warning when opening executable SettingContent-ms files - CVE-2018-12366: Invalid data handling during QCMS transformations - CVE-2018-12365: Compromised I ... oval:org.secpod.oval:def:89003361 This update for MozillaFirefox fixes the following issues: Security issues fixed: CVE-2018-18500: Fixed a use-after-free parsing HTML5 stream . CVE-2018-18501: Fixed multiple memory safety bugs . CVE-2018-18505: Fixed a privilege escalation through IPC channel messages . oval:org.secpod.oval:def:89003120 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 68.3esr Security issues fixed: - CVE-2019-17008: Fixed a use-after-free in worker destruction - CVE-2019-13722: Fixed a stack corruption due to incorrect number of arguments in WebRTC code - CVE-2019-11745: ... oval:org.secpod.oval:def:89002418 This update for MozillaFirefox fixes the following issues: Security issues fixed: - Update to Mozilla Firefox 60.3.0esr: MFSA 2018-27 - CVE-2018-12392: Crash with nested event loops. - CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript. - CVE-2018-12395: WebExtensio ... oval:org.secpod.oval:def:89043937 This update contains Mozilla Firefox 60.7ESR. It brings lots of security fixes and other improvements. It also includes new additional helper libraries to allow Firefox to run on SUSE Linux Enterprise 11. oval:org.secpod.oval:def:89002500 This update for MozillaFirefox fixes the following issues: Security issues fixed in Firefox ESR 52.7.3 : - CVE-2018-5125: Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7 - CVE-2018-5127: Buffer overflow manipulating SVG animatedPathSegList - CVE-2018-5129: Out-of-bounds write with malfor ... oval:org.secpod.oval:def:89003390 This update for MozillaFirefox fixes the following issues: - Mozilla Firefox Firefox 60.7.2 MFSA 2019-19 - CVE-2019-11708: Fix sandbox escape using Prompt:Open. * Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes could result in the non-sa ... oval:org.secpod.oval:def:89045793 This update for MozillaFirefox fixes the following issues: MozillaFirefox was updated to Extended Support Release 91.3.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-49 * CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets * CVE-2021-38504: Use-afte ... oval:org.secpod.oval:def:89002211 This update for MozillaFirefox fixes the following security issue: - CVE-2018-6126: Prevent heap buffer overflow in rasterizing paths in SVG with Skia . oval:org.secpod.oval:def:89002447 This update for MozillaFirefox to version ESR 52.6 fixes several issues. These security issues were fixed: - CVE-2018-5091: Use-after-free with DTMF timers . - CVE-2018-5095: Integer overflow in Skia library during edge builder allocation . - CVE-2018-5096: Use-after-free while editing form elements ... oval:org.secpod.oval:def:89044640 This update for MozillaFirefox and mozilla-nss fixes the following issues: Mozilla Firefox was updated to ESR 52.4 * MFSA 2017-22/CVE-2017-7825: OS X fonts render some Tibetan and Arabic unicode characters as spaces * MFSA 2017-22/CVE-2017-7805: Use-after-free in TLS 1.2 generating handshake hashes ... oval:org.secpod.oval:def:89044885 This update for MozillaFirefox to ESR 52.4, mozilla-nss fixes the following issues: This security issue was fixed for mozilla-nss: - CVE-2017-7805: Prevent use-after-free in TLS 1.2 when generating handshake hashes These security issues were fixed for Firefox - CVE-2017-7825: Fixed some Tibetan and ... oval:org.secpod.oval:def:89044613 This update for MozillaFirefox to ESR 52.3 fixes several issues. These security issues were fixed: - CVE-2017-7807 Domain hijacking through AppCache fallback - CVE-2017-7791 Spoofing following page navigation with data: protocol and modal alerts - CVE-2017-7792 Buffer overflow viewing certificates ... oval:org.secpod.oval:def:400603 MozillaFirefox is installed oval:org.secpod.oval:def:89044987 This update for MozillaFirefox ESR 52.5 fixes the following issues: Security issues fixed: - CVE-2017-7826: Memory safety bugs fixed . - CVE-2017-7828: Use-after-free of PressShell while restyling layout . - CVE-2017-7830: Cross-origin URL information leak through Resource Timing API . Mozilla Found ... oval:org.secpod.oval:def:89044741 This update for MozillaFirefox ESR 52.5 fixes the following issues: Security issues fixed: - CVE-2017-7826: Memory safety bugs fixed . - CVE-2017-7828: Use-after-free of PressShell while restyling layout . - CVE-2017-7830: Cross-origin URL information leak through Resource Timing API . Mozilla Found ... oval:org.secpod.oval:def:89003177 This update for MozillaFirefox fixes the following issues: Security issuess addressed: - update to Firefox ESR 60.6.1 : - CVE-2019-9813: Fixed Ionmonkey type confusion with __proto__ mutations - CVE-2019-9810: Fixed IonMonkey MArraySlice incorrect alias information - Update to Firefox ESR 60.6 : - C ... oval:org.secpod.oval:def:3301093 SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:3301170 SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:3301231 SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:3300922 SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:89047322 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 78.11.0 ESR * CVE-2021-29964: Out of bounds-read when parsing a `WM_COPYDATA` message * CVE-2021-29967: Memory safety bugs fixed in Firefox oval:org.secpod.oval:def:3301249 SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:3301102 SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:89047044 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.2.0esr ESR: * Fixed: Various stability, functionality, and security fixes. - MFSA 2022-34 * CVE-2022-38472 Address bar spoofing via XSLT error handling * CVE-2022-38473 Cross-origin XSLT Documents would ... oval:org.secpod.oval:def:89047024 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.3.0esr ESR : - CVE-2022-40959: Fixed bypassing FeaturePolicy restrictions on transient pages. - CVE-2022-40960: Fixed data-race when parsing non-UTF-8 URLs in threads. - CVE-2022-40958: Fixed bypassing secu ... oval:org.secpod.oval:def:89047021 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.2.0esr ESR: * Fixed: Various stability, functionality, and security fixes. - MFSA 2022-34 * CVE-2022-38472 Address bar spoofing via XSLT error handling * CVE-2022-38473 Cross-origin XSLT Documents would ... oval:org.secpod.oval:def:3301139 SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:3301221 SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:3300963 SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:89050227 This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 68.4.1 ESR * Fixed: Security fix MFSA 2020-03 * CVE-2019-17026 IonMonkey type confusion with StoreElementHole and FallibleStoreElement - Firefox Extended Support Release 68.4.0 ESR * Fixed: Various securi ... oval:org.secpod.oval:def:89050220 This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 68.5.0 ESR * Fixed: Various stability and security fixes - Mozilla Firefox ESR68.5 MFSA 2020-06 * CVE-2020-6796 Missing bounds check on shared memory read in the parent process * CVE-2020-6797 Extensions ... oval:org.secpod.oval:def:89050453 This update for MozillaFirefox fixes the following issues: MozillaFirefox was updated to 68.6.0 ESR - CVE-2020-6805: Fixed a use-after-free when removing data about origins - CVE-2020-6806: Fixed improper protections against state confusion - CVE-2020-6807: Fixed a use-after-free in cubeb during st ... oval:org.secpod.oval:def:89050353 This update for MozillaFirefox to version 68.7.0 ESR fixes the following issues: - CVE-2020-6821: Uninitialized memory could be read when using the WebGL copyTexSubImage method . - CVE-2020-6822: Fixed out of bounds write in GMPDecodeData when processing large images . - CVE-2020-6825: Fixed Memory ... oval:org.secpod.oval:def:89000363 This update for MozillaFirefox to version 68.7.0 ESR fixes the following issues: - CVE-2020-6821: Uninitialized memory could be read when using the WebGL copyTexSubImage method . - CVE-2020-6822: Fixed out of bounds write in GMPDecodeData when processing large images . - CVE-2020-6825: Fixed Memory ... oval:org.secpod.oval:def:89050384 This update for MozillaFirefox fixes the following issues: Update to version 68.8.0 ESR : - CVE-2020-12387: Use-after-free during worker shutdown - CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens - CVE-2020-12389: Sandbox escape with improperly separated process types - CVE-2020 ... oval:org.secpod.oval:def:89050385 This update for MozillaFirefox fixes the following issues: - MozillaFirefox was updated to version 68.9.0 Extended Support Release . - CVE-2020-12405: Fixed a use-after-free in SharedWorkerService. - CVE-2020-12406: Fixed a JavaScript Type confusion with NativeTypes. - CVE-2020-12410: Fixed multiple ... oval:org.secpod.oval:def:89050380 This update for MozillaFirefox to version 78.0.1 ESR fixes the following issues: Security issues fixed: - CVE-2020-12415: AppCache manifest poisoning due to url encoded character processing . - CVE-2020-12416: Use-after-free in WebRTC VideoBroadcaster . - CVE-2020-12417: Memory corruption due to mis ... oval:org.secpod.oval:def:89050271 This update for MozillaFirefox fixes the following issues: - Mozilla Firefox 78.0.2 MFSA 2020-28 * MFSA-2020-0003 X-Frame-Options bypass using object or embed tags - Firefox Extended Support Release 78.0.2esr ESR * Fixed: Security fix * Fixed: Fixed an accessibility regression in reader mode * Fi ... oval:org.secpod.oval:def:89050415 This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.2.0 ESR * Fixed: Various stability, functionality, and security fixes - Mozilla Firefox ESR 78.2 MFSA 2020-38 * CVE-2020-15663 Downgrade attack on the Mozilla Maintenance Service could have resulted in ... oval:org.secpod.oval:def:89050422 This update for MozillaFirefox fixes the following issues: -Firefox was updated to 78.3.0 ESR - CVE-2020-15677: Download origin spoofing via redirect - CVE-2020-15676: Fixed an XSS when pasting attacker-controlled data into a contenteditable element - CVE-2020-15678: When recursing through layers w ... oval:org.secpod.oval:def:89050425 This update for MozillaFirefox fixes the following issues: - Firefox was updated to 78.3.0 ESR - CVE-2020-15677: Download origin spoofing via redirect - CVE-2020-15676: Fixed an XSS when pasting attacker-controlled data into a contenteditable element - CVE-2020-15678: When recursing through layers ... oval:org.secpod.oval:def:89050864 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 68.3esr Security issues fixed: - CVE-2019-17008: Fixed a use-after-free in worker destruction - CVE-2019-13722: Fixed a stack corruption due to incorrect number of arguments in WebRTC code - CVE-2019-11745: ... oval:org.secpod.oval:def:89044267 This update for MozillaFirefox fixes the following issues: - Firefox was updated to 78.10.0 ESR * CVE-2021-23994: Out of bound write due to lazy initialization * CVE-2021-23995: Use-after-free in Responsive Design Mode * CVE-2021-23998: Secure Lock icon could have been spoofed * CVE-2021-23961: Mor ... oval:org.secpod.oval:def:89044266 This update for MozillaFirefox fixes the following issues: - Firefox was updated to 78.10.0 ESR * CVE-2021-23994: Out of bound write due to lazy initialization * CVE-2021-23995: Use-after-free in Responsive Design Mode * CVE-2021-23998: Secure Lock icon could have been spoofed * CVE-2021-23961: Mor ... oval:org.secpod.oval:def:89044208 This update for MozillaFirefox fixes the following issues: - MozillaFirefox was updated to 78.10.0 ESR * CVE-2021-23994: Out of bound write due to lazy initialization * CVE-2021-23995: Use-after-free in Responsive Design Mode * CVE-2021-23998: Secure Lock icon could have been spoofed * CVE-2021-239 ... oval:org.secpod.oval:def:3300186 SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:89048139 This update for MozillaFirefox fixes the following issues: - Updated to version 102.7.0 ESR : - CVE-2022-46871: Updated an out of date library which contained several vulnerabilities. - CVE-2023-23598: Fixed an arbitrary file read from GTK drag and drop on Linux. - CVE-2023-23601: Fixed a potential ... oval:org.secpod.oval:def:89048036 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 102.6.0 ESR : - CVE-2022-46880: Use-after-free in WebGL - CVE-2022-46872: Arbitrary file read from a compromised content process - CVE-2022-46881: Memory corruption in WebGL - CVE-2022-46874: Drag and Dropped ... oval:org.secpod.oval:def:89048033 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 102.6.0 ESR : - CVE-2022-46880: Use-after-free in WebGL - CVE-2022-46872: Arbitrary file read from a compromised content process - CVE-2022-46881: Memory corruption in WebGL - CVE-2022-46874: Drag and Dropped ... oval:org.secpod.oval:def:89048032 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 102.6.0 ESR : - CVE-2022-46880: Use-after-free in WebGL - CVE-2022-46872: Arbitrary file read from a compromised content process - CVE-2022-46881: Memory corruption in WebGL - CVE-2022-46874: Drag and Dropped ... oval:org.secpod.oval:def:89048146 This update for MozillaFirefox fixes the following issues: - Updated to version 102.7.0 ESR : - CVE-2022-46871: Updated an out of date library which contained several vulnerabilities. - CVE-2023-23598: Fixed an arbitrary file read from GTK drag and drop on Linux. - CVE-2023-23601: Fixed a potential ... oval:org.secpod.oval:def:89048142 This update for MozillaFirefox fixes the following issues: - Updated to version 102.7.0 ESR : - CVE-2022-46871: Updated an out of date library which contained several vulnerabilities. - CVE-2023-23598: Fixed an arbitrary file read from GTK drag and drop on Linux. - CVE-2023-23601: Fixed a potential ... oval:org.secpod.oval:def:89047263 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 78.13.0 ESR : - CVE-2021-29986: Race condition when resolving DNS names could have led to memory corruption - CVE-2021-29988: Memory corruption as a result of incorrect style treatment - CVE-2021-29984: Incor ... oval:org.secpod.oval:def:89047321 This update for MozillaFirefox fixes the following issues: This update contains the Firefox Extended Support Release 91.2.0 ESR. Release 91.2.0 ESR: * Fixed: Various stability, functionality, and security fixes MFSA 2021-45 : * CVE-2021-38496: Use-after-free in MessageTask * CVE-2021-38497: Validati ... oval:org.secpod.oval:def:89047131 This update for MozillaFirefox fixes the following issues: MozillaFirefox was updated to Extended Support Release 91.3.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-49 * CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets * CVE-2021-38504: Use-afte ... oval:org.secpod.oval:def:89047449 This update for MozillaFirefox fixes the following issues: - CVE-2021-4140: Fixed iframe sandbox bypass with XSLT . - CVE-2022-22737: Fixed race condition when playing audio files . - CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur . - CVE-2022-22739: Fixed missing throttling on exte ... oval:org.secpod.oval:def:89047510 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.0 ESR / MFSA 2022-05 - CVE-2022-22753: Privilege Escalation to SYSTEM on Windows via Maintenance Service - CVE-2022-22754: Extensions could have bypassed permission confirmation during update - CVE-2022 ... oval:org.secpod.oval:def:89046076 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.0 ESR / MFSA 2022-05 - CVE-2022-22753: Privilege Escalation to SYSTEM on Windows via Maintenance Service - CVE-2022-22754: Extensions could have bypassed permission confirmation during update - CVE-2022 ... oval:org.secpod.oval:def:89046074 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.0 ESR / MFSA 2022-05 - CVE-2022-22753: Privilege Escalation to SYSTEM on Windows via Maintenance Service - CVE-2022-22754: Extensions could have bypassed permission confirmation during update - CVE-2022 ... oval:org.secpod.oval:def:89046062 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.0 ESR / MFSA 2022-05 - CVE-2022-22753: Privilege Escalation to SYSTEM on Windows via Maintenance Service - CVE-2022-22754: Extensions could have bypassed permission confirmation during update - CVE-2022 ... oval:org.secpod.oval:def:89046016 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.0 ESR / MFSA 2022-05 - CVE-2022-22753: Privilege Escalation to SYSTEM on Windows via Maintenance Service - CVE-2022-22754: Extensions could have bypassed permission confirmation during update - CVE-2022 ... oval:org.secpod.oval:def:89047604 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.1 ESR : - CVE-2022-26485: Use-after-free in XSLT parameter processing - CVE-2022-26486: Use-after-free in WebGPU IPC Framework oval:org.secpod.oval:def:89046092 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.1 ESR : - CVE-2022-26485: Use-after-free in XSLT parameter processing - CVE-2022-26486: Use-after-free in WebGPU IPC Framework oval:org.secpod.oval:def:89046097 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.1 ESR : - CVE-2022-26485: Use-after-free in XSLT parameter processing - CVE-2022-26486: Use-after-free in WebGPU IPC Framework oval:org.secpod.oval:def:3300639 SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:89046101 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.1 ESR : - CVE-2022-26485: Use-after-free in XSLT parameter processing - CVE-2022-26486: Use-after-free in WebGPU IPC Framework oval:org.secpod.oval:def:89047454 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.7.0 ESR : - CVE-2022-26383: Browser window spoof using fullscreen mode - CVE-2022-26384: iframe allow-scripts sandbox bypass - CVE-2022-26387: Time-of-check time-of-use bug when verifying add-on signatures ... oval:org.secpod.oval:def:89047370 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.8.0 ESR : MFSA 2022-14 * CVE-2022-1097: Fixed memory safety violations that could occur when PKCS#11 tokens are removed while in use * CVE-2022-28281: Fixed an out of bounds write due to unexpected WebAut ... oval:org.secpod.oval:def:89047415 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.9.0 ESR : - CVE-2022-29914: Fullscreen notification bypass using popups - CVE-2022-29909: Bypassing permission prompt in nested browsing contexts - CVE-2022-29916: Leaking browser history with CSS variable ... oval:org.secpod.oval:def:3300774 SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:89047554 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.9.1 ESR - MFSA 2022-19 : - CVE-2022-1802: Prototype pollution in Top-Level Await implementation - CVE-2022-1529: Untrusted input used in JavaScript object indexing, leading to prototype pollution oval:org.secpod.oval:def:89047485 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.10.0 ESR - CVE-2022-31736: Cross-Origin resource"s length leaked - CVE-2022-31737: Heap buffer overflow in WebGL - CVE-2022-31738: Browser window spoof using fullscreen mode - CVE-2022-31739: Attacker-inf ... oval:org.secpod.oval:def:89046747 This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 91.11.0 ESR : - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution - CVE-2022-31744: CSP bypass enabling stylesheet injection - CVE-2022-34468: CSP sandbox header wit ... oval:org.secpod.oval:def:89046745 This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 91.11.0 ESR : - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution - CVE-2022-31744: CSP bypass enabling stylesheet injection - CVE-2022-34468: CSP sandbox header wit ... oval:org.secpod.oval:def:89047445 This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 91.11.0 ESR : - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution - CVE-2022-31744: CSP bypass enabling stylesheet injection - CVE-2022-34468: CSP sandbox header wit ... oval:org.secpod.oval:def:3300634 SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:89047565 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.12.0 ESR : - CVE-2022-36319: Mouse Position spoofing with CSS transforms - CVE-2022-36318: Directory indexes for bundled resources reflected URL parameters oval:org.secpod.oval:def:89047518 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.13.0 ESR : - CVE-2022-38472: Fixed a potential address bar spoofing via XSLT error handling. - CVE-2022-38473: Fixed an issue where cross-origin XSLT documents could inherit the parent"s permissions. - CVE ... oval:org.secpod.oval:def:89047050 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated from 102.2.0esr to 102.3.0esr : - CVE-2022-40959: Fixed bypassing FeaturePolicy restrictions on transient pages. - CVE-2022-40960: Fixed data-race when parsing non-UTF-8 URLs in threads. - CVE-2022-40958: Fixed by ... oval:org.secpod.oval:def:89047013 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated from 102.2.0esr to 102.3.0esr : - CVE-2022-40959: Fixed bypassing FeaturePolicy restrictions on transient pages. - CVE-2022-40960: Fixed data-race when parsing non-UTF-8 URLs in threads. - CVE-2022-40958: Fixed by ... oval:org.secpod.oval:def:89047760 This update for MozillaFirefox fixes the following issues: - Updated to version 102.4.0 ESR - CVE-2022-42927: Fixed same-origin policy violation that could have leaked cross-origin URLs. - CVE-2022-42928: Fixed memory Corruption in JS Engine. - CVE-2022-42929: Fixed denial of Service via window.pri ... oval:org.secpod.oval:def:89047633 This update for MozillaFirefox fixes the following issues: - Updated to version 102.4.0 ESR - CVE-2022-42927: Fixed same-origin policy violation that could have leaked cross-origin URLs. - CVE-2022-42928: Fixed memory Corruption in JS Engine. - CVE-2022-42929: Fixed denial of Service via window.pri ... oval:org.secpod.oval:def:3300576 SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:89047795 This update for MozillaFirefox fixes the following issues: Updated to version 102.4.0 ESR : - CVE-2022-42927: Fixed same-origin policy violation that could have leaked cross-origin URLs. - CVE-2022-42928: Fixed memory Corruption in JS Engine. - CVE-2022-42929: Fixed denial of Service via window.prin ... oval:org.secpod.oval:def:3300603 SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:89045334 This update for MozillaFirefox, mozilla-nss fixes security issues and bugs. The following vulnerabilities were fixed in Firefox ESR 45.5.1 : - CVE-2016-9079: Use-after-free in SVG Animation - CVE-2016-5297: Incorrect argument length checking in Javascript - CVE-2016-9066: Integer overflow leading ... oval:org.secpod.oval:def:89044698 This update for MozillaFirefox and mozilla-nss fixes the following issues: Security issues fixed: - Fixes in Firefox ESR 52.2 - CVE-2017-7758: Out-of-bounds read in Opus encoder - CVE-2017-7749: Use-after-free during docshell reloading - CVE-2017-7751: Use-after-free with content viewer listeners - ... oval:org.secpod.oval:def:89044771 This update for MozillaFirefox to ESR 45.8 fixes the following issues: Security issues fixed : - CVE-2017-5402: Use-after-free working with events in FontFace objects - CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping - CVE-2017-5400: asm.js JIT-spray bypass ... oval:org.secpod.oval:def:89044670 MozillaFirefox 45 ESR was updated to 45.7 to fix the following issues : * MFSA 2017-02/CVE-2017-5378: Pointer and frame data leakage of Javascript objects * MFSA 2017-02/CVE-2017-5396: Use-after-free with Media Decoder * MFSA 2017-02/CVE-2017-5386: WebExtensions can use data: protocol to affect ot ... oval:org.secpod.oval:def:89045193 MozillaFirefox was updated to 45.4.0 ESR to fix the following issues : The following security issue were fixed: * MFSA 2016-86/CVE-2016-5270: Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString * MFSA 2016-86/CVE-2016-5272: Bad cast in nsImageGeometryMixin * MFSA 2016-86/CVE-2016- ... oval:org.secpod.oval:def:89044608 MozillaFirefox 45 ESR was updated to 45.7 to fix the following issues : * MFSA 2017-02/CVE-2017-5378: Pointer and frame data leakage of Javascript objects * MFSA 2017-02/CVE-2017-5396: Use-after-free with Media Decoder * MFSA 2017-02/CVE-2017-5386: WebExtensions can use data: protocol to affect ot ... oval:org.secpod.oval:def:89044849 This update for MozillaFirefox to ESR 45.8 fixes the following issues: Security issues fixed : - CVE-2017-5402: Use-after-free working with events in FontFace objects - CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping - CVE-2017-5400: asm.js JIT-spray bypass ... oval:org.secpod.oval:def:89045383 MozillaFirefox 45 ESR was updated to 45.6 to fix the following issues: * MFSA 2016-95/CVE-2016-9897: Memory corruption in libGLES * MFSA 2016-95/CVE-2016-9901: Data from Pocket server improperly sanitized before execution * MFSA 2016-95/CVE-2016-9898: Use-after-free in Editor while manipulating DOM ... oval:org.secpod.oval:def:89045382 MozillaFirefox 45 ESR was updated to 45.6 to fix the following issues: * MFSA 2016-95/CVE-2016-9897: Memory corruption in libGLES * MFSA 2016-95/CVE-2016-9901: Data from Pocket server improperly sanitized before execution * MFSA 2016-95/CVE-2016-9898: Use-after-free in Editor while manipulating DOM ... oval:org.secpod.oval:def:89045255 This update for MozillaFirefox, mozilla-nss fixes security issues and bugs. The following vulnerabilities were fixed in Firefox ESR 45.5 : - CVE-2016-5297: Incorrect argument length checking in Javascript - CVE-2016-9066: Integer overflow leading to a buffer overflow in nsScriptLoadHandler - CVE-2 ... oval:org.secpod.oval:def:89044872 The MozillaFirefox was updated to the new ESR 52.2 release, which fixes the following issues : * MFSA 2017-16/CVE-2017-7758 Out-of-bounds read in Opus encoder * MFSA 2017-16/CVE-2017-7749 Use-after-free during docshell reloading * MFSA 2017-16/CVE-2017-7751 Use-after-free with content viewer listene ... oval:org.secpod.oval:def:89045390 This update for MozillaFirefox fixes security issues. The following vulnerabilities were fixed in Firefox ESR 45.5.1 : - CVE-2016-9079: Use-after-free in SVG Animation could be used for code execution oval:org.secpod.oval:def:89047227 This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.8.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-08 * CVE-2021-23969: Content Security Policy violation report could have contained the destination of a redirect * CVE-202 ... oval:org.secpod.oval:def:89049781 This update for MozillaFirefox to 60.2.2ESR fixes the following issues: Security issues fixed: MFSA 2018-24: - CVE-2018-12386: A Type confusion in JavaScript allowed remote code execution - CVE-2018-12387: Array.prototype.push stack pointer vulnerability may have enabled exploits in the sandboxed c ... oval:org.secpod.oval:def:89049682 This update for MozillaFirefox, mozilla-nss and mozilla-nspr fixes the following issues: Issues fixed in MozillaFirefox: - Update to Firefox ESR 60.4 - CVE-2018-17466: Fixed a buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11 - CVE-2018-18492: Fixed a use-after-free with ... oval:org.secpod.oval:def:89049658 This update for MozillaFirefox fixes the following issues: Security issues fixed: - Update to Mozilla Firefox 60.3.0esr: MFSA 2018-27 - CVE-2018-12392: Crash with nested event loops. - CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript. - CVE-2018-12395: WebExtensio ... oval:org.secpod.oval:def:89000242 This update for MozillaFirefox fixes the following issues: - MozillaFirefox was updated to version 68.9.0 Extended Support Release . - CVE-2020-12405: Fixed a use-after-free in SharedWorkerService. - CVE-2020-12406: Fixed a JavaScript Type confusion with NativeTypes. - CVE-2020-12410: Fixed multiple ... oval:org.secpod.oval:def:89000069 This update for MozillaFirefox fixes the following issues: Update to version 68.8.0 ESR : - CVE-2020-12387: Use-after-free during worker shutdown - CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens - CVE-2020-12389: Sandbox escape with improperly separated process types - CVE-2020 ... oval:org.secpod.oval:def:89047073 This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.7.0 ESR * CVE-2021-23953: Fixed a Cross-origin information leakage via redirected PDF requests * CVE-2021-23954: Fixed a type confusion when using logical assignment operators in JavaScript switch state ... oval:org.secpod.oval:def:89047201 This update for MozillaFirefox fixes the following issues: - Firefox was updated to 78.9.0 ESR * CVE-2021-23981: Texture upload into an unbound backing buffer resulted in an out-of-bound read * CVE-2021-23982: Internal network hosts could have been probed by a malicious webpage * CVE-2021-23984: Ma ... oval:org.secpod.oval:def:89047314 This update for MozillaFirefox fixes the following issues: - Firefox was updated to 78.10.0 ESR * CVE-2021-23994: Out of bound write due to lazy initialization * CVE-2021-23995: Use-after-free in Responsive Design Mode * CVE-2021-23998: Secure Lock icon could have been spoofed * CVE-2021-23961: Mor ... oval:org.secpod.oval:def:89048636 This update for MozillaFirefox fixes the following issues: Updated to version 102.8.0 ESR : * CVE-2023-25728: Fixed content security policy leak in violation reports using iframes. * CVE-2023-25730: Fixed screen hijack via browser fullscreen mode. * CVE-2023-25743: Fixed Fullscreen notification not ... oval:org.secpod.oval:def:89048632 This update for MozillaFirefox fixes the following issues: Update to version 102.9.0 ESR : * CVE-2023-28159: Fullscreen Notification could have been hidden by download popups on Android * CVE-2023-25748: Fullscreen Notification could have been hidden by window prompts on Android * CVE-2023-25749: Fi ... oval:org.secpod.oval:def:89048506 This update for MozillaFirefox fixes the following issues: Updated to version 102.8.0 ESR : * CVE-2023-25728: Fixed content security policy leak in violation reports using iframes. * CVE-2023-25730: Fixed screen hijack via browser fullscreen mode. * CVE-2023-25743: Fixed Fullscreen notification not ... oval:org.secpod.oval:def:89048495 This update for MozillaFirefox fixes the following issues: Update to version 102.9.0 ESR : * CVE-2023-28159: Fullscreen Notification could have been hidden by download popups on Android * CVE-2023-25748: Fullscreen Notification could have been hidden by window prompts on Android * CVE-2023-25749: Fi ... oval:org.secpod.oval:def:89048709 This update for MozillaFirefox fixes the following issues: * Firefox Extended Support Release 102.10.0 ESR * CVE-2023-29531: Out-of-bound memory access in WebGL on macOS * CVE-2023-29532: Mozilla Maintenance Service Write-lock bypass * CVE-2023-29533: Fullscreen notification obscured * MFSA-TMP-202 ... oval:org.secpod.oval:def:89048702 This update for MozillaFirefox fixes the following issues: * Firefox Extended Support Release 102.10.0 ESR * CVE-2023-29531: Out-of-bound memory access in WebGL on macOS * CVE-2023-29532: Mozilla Maintenance Service Write-lock bypass * CVE-2023-29533: Fullscreen notification obscured * MFSA-TMP-202 ... oval:org.secpod.oval:def:89048700 This update for MozillaFirefox fixes the following issues: * Firefox Extended Support Release 102.10.0 ESR * CVE-2023-29531: Out-of-bound memory access in WebGL on macOS * CVE-2023-29532: Mozilla Maintenance Service Write-lock bypass * CVE-2023-29533: Fullscreen notification obscured * MFSA-TMP-202 ... oval:org.secpod.oval:def:3300222 SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:89048641 This update for MozillaFirefox fixes the following issues: Updated to version 102.8.0 ESR : * CVE-2023-25728: Fixed content security policy leak in violation reports using iframes. * CVE-2023-25730: Fixed screen hijack via browser fullscreen mode. * CVE-2023-25743: Fixed Fullscreen notification not ... oval:org.secpod.oval:def:89048666 This update for MozillaFirefox fixes the following issues: Update to version 102.9.0 ESR : * CVE-2023-28159: Fullscreen Notification could have been hidden by download popups on Android * CVE-2023-25748: Fullscreen Notification could have been hidden by window prompts on Android * CVE-2023-25749: Fi ... oval:org.secpod.oval:def:89049377 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.2.1 ESR . * CVE-2023-4863: Fixed heap buffer overflow in libwebp . The following non-security bug was fixed: * Fix i586 build by reducing debug info to -g1 . oval:org.secpod.oval:def:89049376 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.2.1 ESR . * CVE-2023-4863: Fixed heap buffer overflow in libwebp . The following non-security bug was fixed: * Fix i586 build by reducing debug info to -g1 . oval:org.secpod.oval:def:89049375 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.2.1 ESR . * CVE-2023-4863: Fixed heap buffer overflow in libwebp . The following non-security bug was fixed: * Fix i586 build by reducing debug info to -g1 . oval:org.secpod.oval:def:89049033 This update for MozillaFirefox fixes the following issues: Extended Support Release 102.12.0 ESR : * CVE-2023-34414: Click-jacking certificate exceptions through rendering lag * CVE-2023-34416: Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12 oval:org.secpod.oval:def:89048936 This update for MozillaFirefox fixes the following issues: Extended Support Release 102.12.0 ESR : * CVE-2023-34414: Click-jacking certificate exceptions through rendering lag * CVE-2023-34416: Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12 oval:org.secpod.oval:def:89048935 This update for MozillaFirefox fixes the following issues: Extended Support Release 102.12.0 ESR : * CVE-2023-34414: Click-jacking certificate exceptions through rendering lag * CVE-2023-34416: Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12 oval:org.secpod.oval:def:89048839 This update for MozillaFirefox fixes the following issues: Extended Support Release 102.11.0 ESR : * CVE-2023-32205: Browser prompts could have been obscured by popups * CVE-2023-32206: Crash in RLBox Expat driver * CVE-2023-32207: Potential permissions request bypass via clickjacking * CVE-2023-322 ... oval:org.secpod.oval:def:89048829 This update for MozillaFirefox fixes the following issues: Extended Support Release 102.11.0 ESR : * CVE-2023-32205: Browser prompts could have been obscured by popups * CVE-2023-32206: Crash in RLBox Expat driver * CVE-2023-32207: Potential permissions request bypass via clickjacking * CVE-2023-322 ... oval:org.secpod.oval:def:89048836 This update for MozillaFirefox fixes the following issues: Extended Support Release 102.11.0 ESR : * CVE-2023-32205: Browser prompts could have been obscured by popups * CVE-2023-32206: Crash in RLBox Expat driver * CVE-2023-32207: Potential permissions request bypass via clickjacking * CVE-2023-322 ... oval:org.secpod.oval:def:400819 This update for MozillaFirefox fixes the following issues: - update to Firefox 38.6.1 ESR * MFSA 2016-14/CVE-2016-1523 Vulnerabilities in Graphite 2 oval:org.secpod.oval:def:400824 This update to MozillaFirefox 38.8.0 ESR fixes the following issues : - CVE-2016-2805: Miscellaneous memory safety hazards - MFSA 2016-39 - CVE-2016-2807: Miscellaneous memory safety hazards - MFSA 2016-39 - CVE-2016-2814: Buffer overflow in libstagefright with CENC offsets - MFSA 2016-44 - CVE-2 ... oval:org.secpod.oval:def:89045348 MozillaFirefox was updated to 45.3.0 ESR to fix the following issues : * MFSA 2016-62/CVE-2016-2835/CVE-2016-2836 Miscellaneous memory safety hazards * MFSA 2016-63/CVE-2016-2830 Favicon network connection can persist when page is closed * MFSA 2016-64/CVE-2016-2838 Buffer overflow rendering SVG wi ... oval:org.secpod.oval:def:400821 This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the following issues: Mozilla Firefox was updated to 38.7.0 ESR , fixing following security issues: * MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous memory safety hazards * MFSA 2016-17/CVE-2016-1954 Local file overwriting and ... oval:org.secpod.oval:def:89045210 This update for MozillaFirefox fixes the following issues: - update to Firefox 38.6.1 ESR * MFSA 2016-14/CVE-2016-1523 Vulnerabilities in Graphite 2 oval:org.secpod.oval:def:400813 MozillaFirefox was updated to 45.3.0 ESR to fix the following issues : * MFSA 2016-62/CVE-2016-2835/CVE-2016-2836 Miscellaneous memory safety hazards * MFSA 2016-63/CVE-2016-2830 Favicon network connection can persist when page is closed * MFSA 2016-64/CVE-2016-2838 Buffer overflow rendering SVG wi ... oval:org.secpod.oval:def:400815 MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss and mozilla-nspr were updated to fix nine security issues. MozillaFirefox was updated to version 45.2.0 ESR. mozilla-nss was updated to version 3.21.1. These security issues were fixed: - CVE-2016-2834: Memory safety bugs in NSS . - CVE-2016- ... oval:org.secpod.oval:def:400814 This update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss fixes the following issues: Mozilla Firefox was updated to 38.6.0 ESR. Mozilla NSS was updated to 3.20.2. The following vulnerabilities were fixed: - CVE-2016-1930: Memory safety bugs fixed in Firefox ESR 38.6 - CVE-2016-1935 ... oval:org.secpod.oval:def:89045306 MozillaFirefox, MozillaFirefox-branding-SLE and mozilla-nss were updated to fix nine security issues. MozillaFirefox was updated to version 45.2.0 ESR. mozilla-nss was updated to version 3.21.1. These security issues were fixed: - CVE-2016-2834: Memory safety bugs in NSS . - CVE-2016-2824: Out-of-b ... oval:org.secpod.oval:def:89045298 This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the following issues: Mozilla Firefox was updated to 38.7.0 ESR * MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous memory safety hazards * MFSA 2016-17/CVE-2016-1954 Local file overwriting and potential privilege escalation thro ... oval:org.secpod.oval:def:89044611 Mozilla Firefox was updated to the Firefox ESR release 45.9. Mozilla NSS was updated to support TLS 1.3 and various new ciphers, PRFs, Diffie Hellman key agreement and support for more hashes. Security issues fixed in Firefox - MFSA 2017-11/CVE-2017-5469: Potential Buffer overflow in flex-generate ... oval:org.secpod.oval:def:89045264 This update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss fixes the following issues: Mozilla Firefox was updated to 38.6.0 ESR. Mozilla NSS was updated to 3.20.2. The following vulnerabilities were fixed: - CVE-2016-1930: Memory safety bugs fixed in Firefox ESR 38.6 - CVE-2016-1935 ... oval:org.secpod.oval:def:89044839 Mozilla Firefox was updated to the Firefox ESR release 45.9. Mozilla NSS was updated to support TLS 1.3 and various new ciphers, PRFs, Diffie Hellman key agreement and support for more hashes. Security issues fixed in Firefox - MFSA 2017-11/CVE-2017-5469: Potential Buffer overflow in flex-generate ... oval:org.secpod.oval:def:89045151 This update to MozillaFirefox 38.8.0 ESR fixes the following security issues : - CVE-2016-2805: Miscellaneous memory safety hazards - MFSA 2016-39 - CVE-2016-2807: Miscellaneous memory safety hazards - MFSA 2016-39 - CVE-2016-2808: Write to invalid HashMap entry through JavaScript.watch - MFSA 201 ... oval:org.secpod.oval:def:89051279 This update for MozillaFirefox fixes the following issues: * Firefox Extended Support Release 115.6.0 ESR changelog-entry . * CVE-2023-6856: Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver . * CVE-2023-6857: Symlinks may resolve to smaller than expected buffers ... oval:org.secpod.oval:def:89051277 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.6.0 ESR changelog-entry * CVE-2023-6856: Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver . * CVE-2023-6857: Symlinks may resolve to smaller than expected buffers . * ... oval:org.secpod.oval:def:89051270 This update for MozillaFirefox fixes the following issues: * Firefox Extended Support Release 115.6.0 ESR changelog-entry * CVE-2023-6856: Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver . * CVE-2023-6857: Symlinks may resolve to smaller than expected buffers . ... oval:org.secpod.oval:def:89047323 This update for MozillaFirefox fixes the following issues: Update to Extended Support Release 91.4.0 : - CVE-2021-43536: URL leakage when navigating while executing asynchronous function - CVE-2021-43537: Heap buffer overflow when using structured clone - CVE-2021-43538: Missing fullscreen and point ... oval:org.secpod.oval:def:89050259 This update for MozillaFirefox fixes the following issues: - Mozilla Firefox 68.6.1esr MFSA 2020-11 * CVE-2020-6819 Use-after-free while running the nsDocShell destructor * CVE-2020-6820 Use-after-free when handling a ReadableStream oval:org.secpod.oval:def:89000232 This update for MozillaFirefox fixes the following issues: - Mozilla Firefox 68.6.1esr MFSA 2020-11 * CVE-2020-6819 Use-after-free while running the nsDocShell destructor * CVE-2020-6820 Use-after-free when handling a ReadableStream oval:org.secpod.oval:def:89049140 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.0.2 ESR Security fixes: * CVE-2023-3600: Fixed use-after-free in workers Other fixes: * Fixed a startup crash experienced by some Windows users by blocking instances of a malicious injected DLL * Fixed ... oval:org.secpod.oval:def:89049147 This update for MozillaFirefox fixes the following issues: Firefox was updated to version 115.0.2 ESR : * CVE-2023-3600: Fixed Use-after-free in workers . Bugfixes: \- Fixed a startup crash experienced by some Windows users by blocking instances of a malicious injected DLL . \- Fixed a bug with disp ... oval:org.secpod.oval:def:89049142 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.0.2 ESR Security fixes: * CVE-2023-3600: Fixed use-after-free in workers Other fixes: * Fixed a startup crash experienced by some Windows users by blocking instances of a malicious injected DLL * Fixed ... oval:org.secpod.oval:def:89049808 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 115.3.1 ESR, fixing a security issue: MFSA 2023-44 * CVE-2023-5217: Fixed heap buffer overflow in libvpx oval:org.secpod.oval:def:89049814 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 115.3.1 ESR, fixing a security issue: MFSA 2023-44 * CVE-2023-5217: Fixed a heap buffer overflow in libvpx oval:org.secpod.oval:def:89049374 This update for MozillaFirefox fixes the following issues: Firefox was updated to Extended Support Release 115.2.0 ESR . * CVE-2023-4574: Fixed memory corruption in IPC ColorPickerShownCallback * CVE-2023-4575: Fixed memory corruption in IPC FilePickerShownCallback * CVE-2023-4576: Fixed integer ... oval:org.secpod.oval:def:89049373 This update for MozillaFirefox fixes the following issues: Firefox was updated to Extended Support Release 115.2.0 ESR . * CVE-2023-4574: Fixed memory corruption in IPC ColorPickerShownCallback * CVE-2023-4575: Fixed memory corruption in IPC FilePickerShownCallback * CVE-2023-4576: Fixed integer ... oval:org.secpod.oval:def:89049574 This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.3.0 ESR : Security fixes: * CVE-2023-5168: Out-of-bounds write in FilterNodeD2D1 . * CVE-2023-5169: Out-of-bounds write in PathOps . * CVE-2023-5171: Use-after-free in Ion Compiler . * CVE-2023- ... oval:org.secpod.oval:def:89049804 This update for MozillaFirefox fixes the following issues: Mozilla Firefox ESR 115.3.1 ESR was released to fix a security issue: * MFSA 2023-44 * CVE-2023-5217: Fixed a heap buffer overflow in libvpx oval:org.secpod.oval:def:3301796 Security update for MozillaFirefox oval:org.secpod.oval:def:89049356 This update for MozillaFirefox fixes the following issues: Firefox was updated to Extended Support Release 115.2.0 ESR . * CVE-2023-4574: Fixed memory corruption in IPC ColorPickerShownCallback * CVE-2023-4575: Fixed memory corruption in IPC FilePickerShownCallback * CVE-2023-4576: Fixed integer ... oval:org.secpod.oval:def:3301757 Security update for MozillaFirefox oval:org.secpod.oval:def:3302045 Security update for MozillaFirefox oval:org.secpod.oval:def:89049189 This update for MozillaFirefox fixes the following security issues: Firefox was updated to Extended Support Release 115.1.0 ESR . * CVE-2023-4045: Fixed cross-origin restrictions bypass with Offscreen Canvas . * CVE-2023-4046: Fixed incorrect value used during WASM compilation . * CVE-2023-4047: Fix ... oval:org.secpod.oval:def:89049188 This update for MozillaFirefox fixes the following security issues: Firefox was updated to Extended Support Release 115.1.0 ESR : * CVE-2023-4045: Fixed cross-origin restrictions bypass with Offscreen Canvas . * CVE-2023-4046: Fixed incorrect value used during WASM compilation . * CVE-2023-4047: Fix ... oval:org.secpod.oval:def:3301849 Security update for MozillaFirefox oval:org.secpod.oval:def:3301972 Security update for MozillaFirefox oval:org.secpod.oval:def:89049191 This update for MozillaFirefox fixes the following security issues: Firefox was updated to Extended Support Release 115.1.0 ESR . * CVE-2023-4045: Fixed cross-origin restrictions bypass with Offscreen Canvas . * CVE-2023-4046: Fixed incorrect value used during WASM compilation . * CVE-2023-4047: Fix ... oval:org.secpod.oval:def:89049126 This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues: Changes in MozillaFirefox and MozillaFirefox-branding-SLE: This update provides Firefox Extended Support Release 115.0 ESR * New: * Required fields are now highlighted in PDF forms. * Improved performance on high ... oval:org.secpod.oval:def:89049112 This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues: Changes in MozillaFirefox and MozillaFirefox-branding-SLE: This update provides Firefox Extended Support Release 115.0 ESR * New: * Required fields are now highlighted in PDF forms. * Improved performance on high ... oval:org.secpod.oval:def:89049110 This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues: Changes in MozillaFirefox and MozillaFirefox-branding-SLE: This update provides Firefox Extended Support Release 115.0 ESR * New: * Required fields are now highlighted in PDF forms. * Improved performance on high ... oval:org.secpod.oval:def:89051017 This update for MozillaFirefox fixes the following issues: * Updated to version 115.4.0 ESR . * CVE-2023-5721: Fixed a potential clickjack via queued up rendering. * CVE-2023-5722: Fixed a cross-Origin size and header leakage. * CVE-2023-5723: Fixed unexpected errors when handling invalid cookie cha ... oval:org.secpod.oval:def:89051016 This update for MozillaFirefox fixes the following issues: * Updated to version 115.4.0 ESR . * CVE-2023-5721: Fixed a potential clickjack via queued up rendering. * CVE-2023-5722: Fixed a cross-Origin size and header leakage. * CVE-2023-5723: Fixed unexpected errors when handling invalid cookie cha ... oval:org.secpod.oval:def:89051013 This update for MozillaFirefox fixes the following issues: * Updated to version 115.4.0 ESR : * CVE-2023-5721: Fixed a potential clickjack via queued up rendering. * CVE-2023-5722: Fixed a cross-Origin size and header leakage. * CVE-2023-5723: Fixed unexpected errors when handling invalid cookie cha ... oval:org.secpod.oval:def:89051169 This update for MozillaFirefox fixes the following issues: * Firefox Extended Support Release 115.5.0 ESR Placeholder changelog-entry * Fixed: Various security fixes and other quality improvements. MFSA 2023-46 * CVE-2023-5721: Queued up rendering could have allowed websites to clickjack * CVE-202 ... oval:org.secpod.oval:def:89051159 This update for MozillaFirefox fixes the following issues: * Firefox Extended Support Release 115.5.0 ESR Placeholder changelog-entry * Fixed: Various security fixes and other quality improvements. MFSA 2023-46 * CVE-2023-5721: Queued up rendering could have allowed websites to clickjack * CVE-202 ... oval:org.secpod.oval:def:89051157 This update for MozillaFirefox fixes the following issues: * Firefox Extended Support Release 115.5.0 ESR Placeholder changelog-entry * Fixed: Various security fixes and other quality improvements. MFSA 2023-46 * CVE-2023-5721: Queued up rendering could have allowed websites to clickjack * CVE-202 ... oval:org.secpod.oval:def:89045101 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 78.12.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-29 * CVE-2021-29970: Use-after-free in accessibility features of a document * CVE-2021-30547: Out of bounds write in ANGLE ... oval:org.secpod.oval:def:89045113 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 78.12.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-29 * CVE-2021-29970: Use-after-free in accessibility features of a document * CVE-2021-30547: Out of bounds write in ANGLE ... oval:org.secpod.oval:def:89047218 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 78.12.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-29 * CVE-2021-29970 : Use-after-free in accessibility features of a document * CVE-2021-30547 : Out of bounds write in ANGL ... oval:org.secpod.oval:def:89050279 This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.6.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2020-55 * CVE-2020-16042 Operations on a BigInt could have caused uninitialized memory to be exposed * CVE-2020-26971 Heap bu ... oval:org.secpod.oval:def:89050441 This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.4.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2020-46 * CVE-2020-15969 Use-after-free in usersctp * CVE-2020-15683 Memory safety bugs fixed in Firefox 82 and Firefox ESR 78. ... oval:org.secpod.oval:def:89050463 This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.5.0 ESR * CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code * CVE-2020-16012: Variable time processing of cross-origin images during drawImage cal ... oval:org.secpod.oval:def:89050224 This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.6.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2020-55 * CVE-2020-16042 Operations on a BigInt could have caused uninitialized memory to be exposed * CVE-2020-26971 Heap bu ... oval:org.secpod.oval:def:89050465 This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.5.0 ESR * CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code * CVE-2020-16012: Variable time processing of cross-origin images during drawImage cal ... oval:org.secpod.oval:def:89050402 This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.4.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2020-46 * CVE-2020-15969 Use-after-free in usersctp * CVE-2020-15683 Memory safety bugs fixed in Firefox 82 and Firefox ESR 78. ... oval:org.secpod.oval:def:89050304 This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.4.1 ESR * Fixed: Security fix MFSA 2020-49 * CVE-2020-26950 Write side effects in MCallGetProperty opcode not accounted for oval:org.secpod.oval:def:89050295 This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.4.1 ESR * Fixed: Security fix MFSA 2020-49 * CVE-2020-26950 Write side effects in MCallGetProperty opcode not accounted for oval:org.secpod.oval:def:89050289 This update for MozillaFirefox fixes the following issues: This update for MozillaFirefox and pipewire fixes the following issues: MozillaFirefox Extended Support Release 78.1.0 ESR * Fixed: Various stability, functionality, and security fixes * CVE-2020-15652: Potential leak of redirect targets wh ... oval:org.secpod.oval:def:89050282 This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.1.0 ESR * Fixed: Various stability, functionality, and security fixes * CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker * CVE-2020-6514: WebRTC data channel leaks int ... oval:org.secpod.oval:def:3302239 Security update for MozillaFirefox oval:org.secpod.oval:def:3302438 Security update for MozillaFirefox oval:org.secpod.oval:def:89051399 This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.7.0 ESR : * CVE-2024-0741: Out of bounds write in ANGLE * CVE-2024-0742: Failure to update user input timestamp * CVE-2024-0746: Crash when listing printers on Linux * CVE-2024-0747: Bypass of ... oval:org.secpod.oval:def:89051404 This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.7.0 ESR : * CVE-2024-0741: Out of bounds write in ANGLE * CVE-2024-0742: Failure to update user input timestamp * CVE-2024-0746: Crash when listing printers on Linux * CVE-2024-0747: Bypass of ... oval:org.secpod.oval:def:89051407 This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.7.0 ESR : * CVE-2024-0741: Out of bounds write in ANGLE * CVE-2024-0742: Failure to update user input timestamp * CVE-2024-0746: Crash when listing printers on Linux * CVE-2024-0747: Bypass of ... oval:org.secpod.oval:def:89051523 This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.8.0 ESR : * CVE-2024-1546: Out-of-bounds memory read in networking channels * CVE-2024-1547: Alert dialog could have been spoofed on another site * CVE-2024-1548: Fullscreen Notification could ... oval:org.secpod.oval:def:89051536 This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.8.0 ESR : * CVE-2024-1546: Out-of-bounds memory read in networking channels * CVE-2024-1547: Alert dialog could have been spoofed on another site * CVE-2024-1548: Fullscreen Notification could ... oval:org.secpod.oval:def:89051688 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.9.0 ESR : * CVE-2024-0743: Crash in NSS TLS method . * CVE-2024-2605: Windows Error Reporter could be used as a Sandbox escape vector . * CVE-2024-2607: JIT code failed to save return registers on Armv7-A ... oval:org.secpod.oval:def:89051691 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.9.1esr ESR MFSA 2024-16 * CVE-2024-29944: Privileged JavaScript Execution via Event Handlers . oval:org.secpod.oval:def:89051698 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.9.1esr ESR MFSA 2024-16 . * CVE-2024-29944: Privileged JavaScript Execution via Event Handlers . Firefox Extended Support Release 115.9.0 ESR : * CVE-2024-0743: Crash in NSS TLS method . * CVE-2024-2605: ... oval:org.secpod.oval:def:89051780 This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.10.0 ESR : * CVE-2024-3852: GetBoundName in the JIT returned the wrong object * CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement * CVE-2024-3857: Incorrect JITting of argu ... oval:org.secpod.oval:def:89051761 This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.10.0 ESR : * CVE-2024-3852: GetBoundName in the JIT returned the wrong object * CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement * CVE-2024-3857: Incorrect JITting of argu ... oval:org.secpod.oval:def:89003105 This update for MozillaFirefox fixes the following issues: Security issues fixed: - CVE-2019-11691: Use-after-free in XMLHttpRequest - CVE-2019-11692: Use-after-free removing listeners in the event listener manager - CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux - CVE-2019-11694: Unin ... oval:org.secpod.oval:def:89050627 This update for MozillaFirefox fixes the following issues: Security issues fixed: - CVE-2019-11691: Use-after-free in XMLHttpRequest - CVE-2019-11692: Use-after-free removing listeners in the event listener manager - CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux - CVE-2019-11694: Unin ... oval:org.secpod.oval:def:89002480 This update for MozillaFirefox to ESR 52.8 release fixes the following issues: Update to Firefox ESR 52.8 Security issues fixed: - MFSA 2018-12/CVE-2018-5159: Integer overflow and out-of-bounds write in Skia - MFSA 2018-12/CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer - MFSA 20 ... oval:org.secpod.oval:def:89049632 This update for MozillaFirefox to the 52.9 ESR release fixes the following issues: These security issues were fixed: - Firefox ESR 52.9: - CVE-2018-5188 Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9 . - CVE-2018-12368 No warning when opening executable SettingContent ... oval:org.secpod.oval:def:89003294 This update for MozillaFirefox fixes the following issues: Updated to new ESR version 68.1 . In addition to the already fixed vulnerabilities released in previous ESR updates, the following were also fixed: CVE-2019-11751, CVE-2019-11736, CVE-2019-9812, CVE-2019-11748, CVE-2019-11749, CVE-2019-11750 ... oval:org.secpod.oval:def:89003285 This update for MozillaFirefox to version ESR 60.8 fixes the following issues: Security issues fixed: - CVE-2019-9811: Sandbox escape via installation of malicious language pack . - CVE-2019-11711: Script injection within domain through inner window reuse . - CVE-2019-11712: Cross-origin POST reques ... oval:org.secpod.oval:def:89050847 This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues: Changes in MozillaFirefox: Security issues fixed: - CVE-2019-15903: Fixed a heap overflow in the expat library . - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB . - CVE-2019-1175 ... oval:org.secpod.oval:def:89003210 This update for MozillaFirefox, mozilla-nss fixes the following issues: MozillaFirefox to version ESR 60.8: - CVE-2019-9811: Sandbox escape via installation of malicious language pack . - CVE-2019-11711: Script injection within domain through inner window reuse . - CVE-2019-11712: Cross-origin POST ... oval:org.secpod.oval:def:89003333 This update for MozillaFirefox to ESR 60.9 fixes the following issues: Security issues fixed: - CVE-2019-11742: Fixed a same-origin policy violation involving SVG filters and canvas to steal cross-origin images. - CVE-2019-11746: Fixed a use-after-free while manipulating video. - CVE-2019-11744: F ... oval:org.secpod.oval:def:89043994 This update contains the Mozilla Firefox ESR 68.2 release. Mozilla Firefox was updated to ESR 68.2 release: * Enterprise: New administrative policies were added. More information and templates are available at the Policy Templates page. * Various security fixes: MFSA 2019-33 * CVE-2019-15903: Heap ... oval:org.secpod.oval:def:89003323 This update for MozillaFirefox to 68.2.0 ESR fixes the following issues: Mozilla Firefox was updated to version 68.2.0 ESR . Security issues fixed: - CVE-2019-15903: Fixed a heap overflow in the expat library . - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB . - CVE ... oval:org.secpod.oval:def:89050854 This update for MozillaFirefox to 68.1 fixes the following issues: Security issues fixed: - CVE-2019-9811: Fixed a sandbox escape via installation of malicious language pack. - CVE-2019-9812: Fixed a sandbox escape through Firefox Sync. - CVE-2019-11710: Fixed several memory safety bugs. - CVE-20 ... oval:org.secpod.oval:def:89050736 This update for MozillaFirefox, mozilla-nss fixes the following issues: MozillaFirefox to version ESR 60.8: - CVE-2019-9811: Sandbox escape via installation of malicious language pack . - CVE-2019-11711: Script injection within domain through inner window reuse . - CVE-2019-11712: Cross-origin POST ... |