CESA-2023:0812 -- centos 7 firefoxID: oval:org.secpod.oval:def:206013 | Date: (C)2023-03-02 (M)2023-12-26 |
Class: PATCH | Family: unix |
Security Fix: Mozilla: Arbitrary memory write via PKCS 12 in NSS Mozilla: Content security policy leak in violation reports using iframes Mozilla: Screen hijack via browser fullscreen mode Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey Mozilla: Invalid downcast in SVGUtils::SetupStrokeGeometry Mozilla: Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext Mozilla: Fullscreen notification not shown in Firefox Focus Mozilla: Memory safety bugs fixed in Firefox 110 and Firefox ESR 102.8 Mozilla: Memory safety bugs fixed in Firefox ESR 102.8 Mozilla: Extensions could have opened external schemes without user knowledge Mozilla: Out of bounds memory write from EncodeInputStream Mozilla: Web Crypto ImportKey crashes tab For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.