Download
| Alert*
oval:org.secpod.oval:def:610186
Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:610168 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, CSP bypass or session fixation. Debian follows the extended support releases of Firefox. Support for the 91.x series has ended, so starting with this updat ... oval:org.secpod.oval:def:89047024 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.3.0esr ESR : - CVE-2022-40959: Fixed bypassing FeaturePolicy restrictions on transient pages. - CVE-2022-40960: Fixed data-race when parsing non-UTF-8 URLs in threads. - CVE-2022-40958: Fixed bypassing secu ... oval:org.secpod.oval:def:507174 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Security Fix: * Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * Mozilla: Bypassing FeaturePolicy restrictions on transie ... oval:org.secpod.oval:def:3301249 SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:507173 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Security Fix: * Mozilla: Bypassing FeaturePolicy restrictions on transient pages * Mozilla: Data-race when parsing non-UTF-8 URLs in t ... oval:org.secpod.oval:def:507172 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Security Fix: * Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * Mozilla: Bypassing FeaturePolicy restrictions on transie ... oval:org.secpod.oval:def:507171 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Security Fix: * Mozilla: Bypassing FeaturePolicy restrictions on transient pages * Mozilla: Data-race when parsing non-UTF-8 URLs in t ... oval:org.secpod.oval:def:507176 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Security Fix: * Mozilla: Bypassing FeaturePolicy restrictions on transient pages * Mozilla: Data-race when parsing non-UTF-8 URLs in t ... oval:org.secpod.oval:def:507175 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Security Fix: * Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * Mozilla: Bypassing FeaturePolicy restrictions on transie ... oval:org.secpod.oval:def:1506036 [102.3.0-3.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [102.3.0-3] - Update to 102.3.0 build1 oval:org.secpod.oval:def:1506037 [102.3.0-3.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [102.3.0-3] - Update to 102.3.0 build1 oval:org.secpod.oval:def:1506038 [102.3.0-6.0.1] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [102.3.0-6] - Update to 102.3.0 build1 oval:org.secpod.oval:def:1506110 [102.3.0-6.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [102.3.0-6] - Update to 102.3.0 build1 oval:org.secpod.oval:def:1506035 [102.3.0-6.0.1] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [102.3.0-6] - Update to 102.3.0 build1 oval:org.secpod.oval:def:84309 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-41 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows attackers to cause multiple impacts ... oval:org.secpod.oval:def:3301257 SUSE Security Update: Security update for MozillaThunderbird oval:org.secpod.oval:def:1506118 [102.3.0-3.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build [102.3.0-3] - Update to 102.3.0 build1 oval:org.secpod.oval:def:84322 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-42 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:86434 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:4501166 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Security Fix: * Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * Mozilla: Bypassing FeaturePolicy restrictions on transie ... oval:org.secpod.oval:def:2107881 Oracle Solaris 11 - ( CVE-2022-3032 ) oval:org.secpod.oval:def:2500811 Mozilla Thunderbird is a standalone mail and newsgroup client. oval:org.secpod.oval:def:2600021 Mozilla Thunderbird is a standalone mail and newsgroup client. oval:org.secpod.oval:def:84301 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-40 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:84302 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-41 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows attackers to cause multiple impacts ... oval:org.secpod.oval:def:84307 Mozilla Firefox 105.0, Mozilla Firefox ESR 102.3 or Mozilla Thunderbird 102.3 : Mozilla developers Nika Layzell, Timothy Nikkel, Jeff Muizelaar, Sebastian Hengst, Andreas Pehrson, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 104 and Firefox ESR 102.2. Some of these bug ... oval:org.secpod.oval:def:2500806 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. oval:org.secpod.oval:def:84319 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-42 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:89047050 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated from 102.2.0esr to 102.3.0esr : - CVE-2022-40959: Fixed bypassing FeaturePolicy restrictions on transient pages. - CVE-2022-40960: Fixed data-race when parsing non-UTF-8 URLs in threads. - CVE-2022-40958: Fixed by ... oval:org.secpod.oval:def:2600062 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. oval:org.secpod.oval:def:4500999 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Security Fix: * Mozilla: Bypassing FeaturePolicy restrictions on transient pages * Mozilla: Data-race when parsing non-UTF-8 URLs in t ... oval:org.secpod.oval:def:88407 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, CSP bypass or session fixation. Debian follows the extended support releases of Firefox. Support for the 91.x series has ended, so starting with this updat ... oval:org.secpod.oval:def:88408 Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:89047013 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated from 102.2.0esr to 102.3.0esr : - CVE-2022-40959: Fixed bypassing FeaturePolicy restrictions on transient pages. - CVE-2022-40960: Fixed data-race when parsing non-UTF-8 URLs in threads. - CVE-2022-40958: Fixed by ... oval:org.secpod.oval:def:707801 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:1701088 A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of when receiving an HTML email that contained an iframe element, which used a srcdoc attribute to define the internal HTML document, remote objects specified in the nested document , were not blocked. Rather, ... oval:org.secpod.oval:def:1701727 A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XML_ResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags, th ... oval:org.secpod.oval:def:84314 Mozilla Firefox 105.0, Mozilla Firefox ESR 102.3 or Mozilla Thunderbird 102.3 : Mozilla developers Nika Layzell, Timothy Nikkel, Jeff Muizelaar, Sebastian Hengst, Andreas Pehrson, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 104 and Firefox ESR 102.2. Some of these bug ... oval:org.secpod.oval:def:84308 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-40 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... |