Download
| Alert*
|
oval:org.secpod.oval:def:3301249
SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:89047024 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.3.0esr ESR : - CVE-2022-40959: Fixed bypassing FeaturePolicy restrictions on transient pages. - CVE-2022-40960: Fixed data-race when parsing non-UTF-8 URLs in threads. - CVE-2022-40958: Fixed bypassing secu ... oval:org.secpod.oval:def:89047021 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.2.0esr ESR: * Fixed: Various stability, functionality, and security fixes. - MFSA 2022-34 * CVE-2022-38472 Address bar spoofing via XSLT error handling * CVE-2022-38473 Cross-origin XSLT Documents would ... oval:org.secpod.oval:def:89047044 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.2.0esr ESR: * Fixed: Various stability, functionality, and security fixes. - MFSA 2022-34 * CVE-2022-38472 Address bar spoofing via XSLT error handling * CVE-2022-38473 Cross-origin XSLT Documents would ... oval:org.secpod.oval:def:81798 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-24 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:81805 Mozilla Firefox 102.0 : The HTML Sanitizer should have sanitized the href attribute of SVG tags; however it incorrectly did not sanitize xlink:href attributes. oval:org.secpod.oval:def:81770 Mozilla Firefox 102 : The HTML Sanitizer should have sanitized the href attribute of SVG tags; however it incorrectly did not sanitize xlink:href attributes. oval:org.secpod.oval:def:81762 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-24 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... |
