Download
| Alert*
oval:org.secpod.oval:def:507061
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.11. Security Fix: * Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI * Mozilla: Use-after-free in nsSHistory * Mozilla: A popup window cou ... oval:org.secpod.oval:def:608637 Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:507067 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.11. Security Fix: * Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI * Mozilla: Use-after-free in nsSHistory * Mozilla: A popup window cou ... oval:org.secpod.oval:def:507065 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.11. Security Fix: * Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI * Mozilla: Use-after-free in nsSHistory * Mozilla: A popup window cou ... oval:org.secpod.oval:def:1505858 [91.11.0-2.0.1] - Replaced upstream package with oracle-indexhtml [Orabug: 33802044] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Removed Upstream references [91.11.0-2] - Update to 91.11.0 build2 oval:org.secpod.oval:def:89047024 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.3.0esr ESR : - CVE-2022-40959: Fixed bypassing FeaturePolicy restrictions on transient pages. - CVE-2022-40960: Fixed data-race when parsing non-UTF-8 URLs in threads. - CVE-2022-40958: Fixed bypassing secu ... oval:org.secpod.oval:def:89047021 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.2.0esr ESR: * Fixed: Various stability, functionality, and security fixes. - MFSA 2022-34 * CVE-2022-38472 Address bar spoofing via XSLT error handling * CVE-2022-38473 Cross-origin XSLT Documents would ... oval:org.secpod.oval:def:89047044 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.2.0esr ESR: * Fixed: Various stability, functionality, and security fixes. - MFSA 2022-34 * CVE-2022-38472 Address bar spoofing via XSLT error handling * CVE-2022-38473 Cross-origin XSLT Documents would ... oval:org.secpod.oval:def:507053 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.11 ESR. Security Fix: * Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI * Mozilla: Use-after- ... oval:org.secpod.oval:def:3301249 SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:507052 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.11 ESR. Security Fix: * Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI * Mozilla: Use-after- ... oval:org.secpod.oval:def:507035 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.11 ESR. Security Fix: * Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI * Mozilla: Use-after- ... oval:org.secpod.oval:def:608620 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing. oval:org.secpod.oval:def:3301250 SUSE Security Update: Security update for MozillaThunderbird oval:org.secpod.oval:def:1505865 [91.11.0-2.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Reference oracle-indexhtml within Requires [Orabug: 33802044] [91.11.0-2] - Update to 91.11.0 build2 [91.11.0-1] - Update to 91.11.0 build1 oval:org.secpod.oval:def:1505822 [91.11.0-2.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build [91.11.0-2] - Update to 91.11.0 build2 [91.11.0-1] - Update to 91.11.0 build1 oval:org.secpod.oval:def:2600014 Mozilla Thunderbird is a standalone mail and newsgroup client. oval:org.secpod.oval:def:2107732 Oracle Solaris 11 - ( CVE-2022-2200 ) oval:org.secpod.oval:def:81801 Mozilla Firefox 102.0, Mozilla Firefox ESR 91.11 : An iframe that was not permitted to run scripts could do so if the user clicked on a javascript: link. oval:org.secpod.oval:def:4500948 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.11. Security Fix: * Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI * Mozilla: Use-after-free in nsSHistory * Mozilla: A popup window cou ... oval:org.secpod.oval:def:1505797 [91.11.0-2.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [91.11.0-2] - Update to 91.11.0 build2 [91.11.0-1] - Update to 91.11.0 build1 oval:org.secpod.oval:def:2107905 Oracle Solaris 11 - ( CVE-2022-34484 ) oval:org.secpod.oval:def:1505796 [91.11.0-2.0.1] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [91.11.0-2] - Update to 91.11.0 build2 [91.11.0-1] - Update to 91.11.0 build1 oval:org.secpod.oval:def:89047445 This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 91.11.0 ESR : - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution - CVE-2022-31744: CSP bypass enabling stylesheet injection - CVE-2022-34468: CSP sandbox header wit ... oval:org.secpod.oval:def:89046753 This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 91.11.0 ESR : - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution - CVE-2022-31744: CSP bypass enabling stylesheet injection - CVE-2022-34468: CSP sandbox header wit ... oval:org.secpod.oval:def:3300595 SUSE Security Update: Security update for MozillaThunderbird oval:org.secpod.oval:def:81760 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-26 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:1505798 [91.11.0-2.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Enabled aarch64 build [91.11.0-2] - Update to 91.11.0 build2 [91.11.0-1] - Update to 91.11.0 bui ... oval:org.secpod.oval:def:205967 Security Fix: Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI Mozilla: Use-after-free in nsSHistory Mozilla: A popup window could be resized in a way to overlay the address bar with web content Mozilla: Memory safety bugs fixed in Firefox 102 and ... oval:org.secpod.oval:def:205969 Security Fix: Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI Mozilla: Use-after-free in nsSHistory Mozilla: A popup window could be resized in a way to overlay the address bar with web content Mozilla: Memory safety bugs fixed in Firefox 102 and ... oval:org.secpod.oval:def:81761 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-25 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:3300634 SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:88372 Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:88370 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing. oval:org.secpod.oval:def:4500978 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.11 ESR. Security Fix: * Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI * Mozilla: Use-after- ... oval:org.secpod.oval:def:89046747 This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 91.11.0 ESR : - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution - CVE-2022-31744: CSP bypass enabling stylesheet injection - CVE-2022-34468: CSP sandbox header wit ... oval:org.secpod.oval:def:89046745 This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 91.11.0 ESR : - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution - CVE-2022-31744: CSP bypass enabling stylesheet injection - CVE-2022-34468: CSP sandbox header wit ... oval:org.secpod.oval:def:81798 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-24 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:1701692 Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these c ... oval:org.secpod.oval:def:81797 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-25 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:81796 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-26 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:1701180 An out of date graphics library likely contained vulnerabilities that could potentially be exploited. This vulnerability affects Thunderbird less than 78.9 and Firefox ESR less than 78.9. Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian ... oval:org.secpod.oval:def:81766 Mozilla Firefox 102, Mozilla Firefox ESR 91.11, Mozilla Thunderbird 91.11 and Mozilla Thunderbird 102 : An iframe that was not permitted to run scripts could do so if the user clicked on a javascript: link. oval:org.secpod.oval:def:81762 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-24 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... |