Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-29531 (GCVE-0-2023-29531)
Vulnerability from cvelistv5 – Published: 2023-06-19 09:48 – Updated: 2024-12-11 15:35
VLAI?
EPSS
Summary
An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.
*This bug only affects Firefox and Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.
Severity ?
9.8 (Critical)
CWE
- Out-of-bound memory access in WebGL on macOS
Assigner
References
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 112
(custom)
|
|
| Mozilla | Firefox ESR |
Affected:
unspecified , < 102.10
(custom)
|
|
| Mozilla | Thunderbird |
Affected:
unspecified , < 102.10
(custom)
|
Credits
DoHyun Lee
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:14:38.894Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1794292"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-13/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-14/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-15/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-29531",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-11T15:34:50.363189Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T15:35:54.769Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "112",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "102.10",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "102.10",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"user": "00000000-0000-4000-9000-000000000000",
"value": "DoHyun Lee"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.\u003c/p\u003e\u003cp\u003e*This bug only affects Firefox and\u0026nbsp;Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox \u0026lt; 112, Firefox ESR \u0026lt; 102.10, and Thunderbird \u0026lt; 102.10.\u003c/p\u003e"
}
],
"value": "An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.\n\n*This bug only affects Firefox and\u00a0Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bound memory access in WebGL on macOS",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-19T09:55:05.759Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1794292"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-15/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-29531",
"datePublished": "2023-06-19T09:48:59.394Z",
"dateReserved": "2023-04-07T19:49:37.876Z",
"dateUpdated": "2024-12-11T15:35:54.769Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-29531",
"date": "2026-05-21",
"epss": "0.00569",
"percentile": "0.68812"
},
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"112.0\", \"matchCriteriaId\": \"8C6578F4-B46C-473F-8A17-CA6026C32FBE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"102.10\", \"matchCriteriaId\": \"03736567-251A-4F75-992E-AB7C957FB587\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"102.10\", \"matchCriteriaId\": \"7C8C9D9E-9BDA-475D-B7D6-10D1C6E9DD72\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"387021A0-AF36-463C-A605-32EA7DAC172E\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.\\n\\n*This bug only affects Firefox and\\u00a0Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\\n\\n\"}]",
"id": "CVE-2023-29531",
"lastModified": "2024-12-11T16:15:08.690",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}]}",
"published": "2023-06-19T10:15:09.373",
"references": "[{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1794292\", \"source\": \"security@mozilla.org\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-13/\", \"source\": \"security@mozilla.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-14/\", \"source\": \"security@mozilla.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-15/\", \"source\": \"security@mozilla.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1794292\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-13/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-14/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-15/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-29531\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2023-06-19T10:15:09.373\",\"lastModified\":\"2024-12-11T16:15:08.690\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.\\n\\n*This bug only affects Firefox and\u00a0Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\\n\\n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"112.0\",\"matchCriteriaId\":\"8C6578F4-B46C-473F-8A17-CA6026C32FBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"102.10\",\"matchCriteriaId\":\"03736567-251A-4F75-992E-AB7C957FB587\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"102.10\",\"matchCriteriaId\":\"7C8C9D9E-9BDA-475D-B7D6-10D1C6E9DD72\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"387021A0-AF36-463C-A605-32EA7DAC172E\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1794292\",\"source\":\"security@mozilla.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-13/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-14/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-15/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1794292\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-13/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-14/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-15/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1794292\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-13/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-14/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-15/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T14:14:38.894Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-29531\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-12-11T15:34:50.363189Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787 Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-12-11T15:35:18.379Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"DoHyun Lee\"}], \"affected\": [{\"vendor\": \"Mozilla\", \"product\": \"Firefox\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"112\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mozilla\", \"product\": \"Firefox ESR\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"102.10\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mozilla\", \"product\": \"Thunderbird\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"102.10\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1794292\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-13/\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-14/\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-15/\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.\\n\\n*This bug only affects Firefox and\\u00a0Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eAn attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.\u003c/p\u003e\u003cp\u003e*This bug only affects Firefox and\u0026nbsp;Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox \u0026lt; 112, Firefox ESR \u0026lt; 102.10, and Thunderbird \u0026lt; 102.10.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"Out-of-bound memory access in WebGL on macOS\"}]}], \"providerMetadata\": {\"orgId\": \"f16b083a-5664-49f3-a51e-8d479e5ed7fe\", \"shortName\": \"mozilla\", \"dateUpdated\": \"2023-06-19T09:55:05.759Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-29531\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-12-11T15:35:54.769Z\", \"dateReserved\": \"2023-04-07T19:49:37.876Z\", \"assignerOrgId\": \"f16b083a-5664-49f3-a51e-8d479e5ed7fe\", \"datePublished\": \"2023-06-19T09:48:59.394Z\", \"assignerShortName\": \"mozilla\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2023-AVI-0303
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Mozilla. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Mozilla | Thunderbird | Thunderbird versions antérieures à 102.10 | ||
| Mozilla | Firefox | Firefox pour Android versions antérieures à 112 | ||
| Mozilla | N/A | Focus pour Android versions antérieures à 112 | ||
| Mozilla | Firefox | Firefox versions antérieures à 112 | ||
| Mozilla | Firefox ESR | Firefox ESR versions antérieures à 102.10 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 102.10",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox pour Android versions ant\u00e9rieures \u00e0 112",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Focus pour Android versions ant\u00e9rieures \u00e0 112",
"product": {
"name": "N/A",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox versions ant\u00e9rieures \u00e0 112",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox ESR versions ant\u00e9rieures \u00e0 102.10",
"product": {
"name": "Firefox ESR",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-29547",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29547"
},
{
"name": "CVE-2023-1945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1945"
},
{
"name": "CVE-2023-29548",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29548"
},
{
"name": "CVE-2023-29540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29540"
},
{
"name": "CVE-2023-0547",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0547"
},
{
"name": "CVE-2023-29479",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29479"
},
{
"name": "CVE-2023-29543",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29543"
},
{
"name": "CVE-2023-29533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29533"
},
{
"name": "CVE-2023-29535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29535"
},
{
"name": "CVE-2023-29545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29545"
},
{
"name": "CVE-2023-29544",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29544"
},
{
"name": "CVE-2023-29549",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29549"
},
{
"name": "CVE-2023-29541",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29541"
},
{
"name": "CVE-2023-29532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29532"
},
{
"name": "CVE-2023-29539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29539"
},
{
"name": "CVE-2023-29534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29534"
},
{
"name": "CVE-2023-28163",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28163"
},
{
"name": "CVE-2023-29551",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29551"
},
{
"name": "CVE-2023-29537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29537"
},
{
"name": "CVE-2023-29542",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29542"
},
{
"name": "CVE-2023-29550",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29550"
},
{
"name": "CVE-2023-29538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29538"
},
{
"name": "CVE-2023-29536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29536"
},
{
"name": "CVE-2023-29546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29546"
},
{
"name": "CVE-2023-29531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29531"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0303",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-04-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": ""
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nMozilla. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mozilla",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-13 du 11 avril 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-14 du 11 avril 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-15 du 11 avril 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15/"
}
]
}
CERTFR-2023-AVI-0303
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Mozilla. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Mozilla | Thunderbird | Thunderbird versions antérieures à 102.10 | ||
| Mozilla | Firefox | Firefox pour Android versions antérieures à 112 | ||
| Mozilla | N/A | Focus pour Android versions antérieures à 112 | ||
| Mozilla | Firefox | Firefox versions antérieures à 112 | ||
| Mozilla | Firefox ESR | Firefox ESR versions antérieures à 102.10 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 102.10",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox pour Android versions ant\u00e9rieures \u00e0 112",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Focus pour Android versions ant\u00e9rieures \u00e0 112",
"product": {
"name": "N/A",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox versions ant\u00e9rieures \u00e0 112",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox ESR versions ant\u00e9rieures \u00e0 102.10",
"product": {
"name": "Firefox ESR",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-29547",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29547"
},
{
"name": "CVE-2023-1945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1945"
},
{
"name": "CVE-2023-29548",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29548"
},
{
"name": "CVE-2023-29540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29540"
},
{
"name": "CVE-2023-0547",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0547"
},
{
"name": "CVE-2023-29479",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29479"
},
{
"name": "CVE-2023-29543",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29543"
},
{
"name": "CVE-2023-29533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29533"
},
{
"name": "CVE-2023-29535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29535"
},
{
"name": "CVE-2023-29545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29545"
},
{
"name": "CVE-2023-29544",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29544"
},
{
"name": "CVE-2023-29549",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29549"
},
{
"name": "CVE-2023-29541",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29541"
},
{
"name": "CVE-2023-29532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29532"
},
{
"name": "CVE-2023-29539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29539"
},
{
"name": "CVE-2023-29534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29534"
},
{
"name": "CVE-2023-28163",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28163"
},
{
"name": "CVE-2023-29551",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29551"
},
{
"name": "CVE-2023-29537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29537"
},
{
"name": "CVE-2023-29542",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29542"
},
{
"name": "CVE-2023-29550",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29550"
},
{
"name": "CVE-2023-29538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29538"
},
{
"name": "CVE-2023-29536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29536"
},
{
"name": "CVE-2023-29546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29546"
},
{
"name": "CVE-2023-29531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29531"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0303",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-04-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": ""
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nMozilla. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mozilla",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-13 du 11 avril 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-14 du 11 avril 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-15 du 11 avril 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15/"
}
]
}
BDU:2023-02695
Vulnerability from fstec - Published: 11.04.2023
VLAI Severity ?
Title
Уязвимость прикладного программного интерфейса для 3D-графики WebGL браузера Mozilla Firefox, позволяющая нарушителю выполнить произвольный код
Description
Уязвимость прикладного программного интерфейса для 3D-графики WebGL браузера Mozilla Firefox связана с выходом операции за границы буфера в памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный код
Severity ?
Vendor
ООО «Ред Софт», ФССП России, АО «ИВК», Mozilla Corp.
Software Name
РЕД ОС (запись в едином реестре российских программ №3751), ОС ТД АИС ФССП России, Альт 8 СП (запись в едином реестре российских программ №4305), Firefox ESR, Thunderbird
Software Version
7.3 (РЕД ОС), ИК6 (ОС ТД АИС ФССП России), - (Альт 8 СП), до 102.9 (Firefox ESR), до 102.10 (Thunderbird)
Possible Mitigations
Использование рекомендаций:
Для продуктов Mozilla Corp.:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-14/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-15/
Для РедОС:
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
Для ОС ТД АИС ФССП России:
https://goslinux.fssp.gov.ru/2726972/
Для ОС Альт 8 СП: установка обновления из публичного репозитория программного средства
Для ОС Альт 8 СП: установка обновления из публичного репозитория программного средства
Reference
https://www.mozilla.org/en-US/security/advisories/mfsa2023-14/
https://redos.red-soft.ru/support/secure/uyazvimosti/mnozhestvennye-uyazvimosti-firefox-cve-2023-1945-cve-2023-29531-cve-2023-29532-cve-2023-29533-cve-20/
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
https://altsp.su/obnovleniya-bezopasnosti/
https://altsp.su/obnovleniya-bezopasnosti/
CWE
CWE-787
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u0424\u0421\u0421\u041f \u0420\u043e\u0441\u0441\u0438\u0438, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, Mozilla Corp.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "7.3 (\u0420\u0415\u0414 \u041e\u0421), \u0418\u041a6 (\u041e\u0421 \u0422\u0414 \u0410\u0418\u0421 \u0424\u0421\u0421\u041f \u0420\u043e\u0441\u0441\u0438\u0438), - (\u0410\u043b\u044c\u0442 8 \u0421\u041f), \u0434\u043e 102.9 (Firefox ESR), \u0434\u043e 102.10 (Thunderbird)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Mozilla Corp.:\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2023-14/\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2023-15/\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: \nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/\n\n\u0414\u043b\u044f \u041e\u0421 \u0422\u0414 \u0410\u0418\u0421 \u0424\u0421\u0421\u041f \u0420\u043e\u0441\u0441\u0438\u0438: \nhttps://goslinux.fssp.gov.ru/2726972/\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "11.04.2023",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "30.06.2023",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "22.05.2023",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-02695",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-29531",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "\u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u041e\u0421 \u0422\u0414 \u0410\u0418\u0421 \u0424\u0421\u0421\u041f \u0420\u043e\u0441\u0441\u0438\u0438, \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), Firefox ESR, Thunderbird",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u0424\u0421\u0421\u041f \u0420\u043e\u0441\u0441\u0438\u0438 \u041e\u0421 \u0422\u0414 \u0410\u0418\u0421 \u0424\u0421\u0421\u041f \u0420\u043e\u0441\u0441\u0438\u0438 \u0418\u041a6 , \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u043b\u044c\u0442 8 \u0421\u041f - (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u0434\u043b\u044f 3D-\u0433\u0440\u0430\u0444\u0438\u043a\u0438 WebGL \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 Mozilla Firefox, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0417\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-787)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u0434\u043b\u044f 3D-\u0433\u0440\u0430\u0444\u0438\u043a\u0438 WebGL \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 Mozilla Firefox \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14/\nhttps://redos.red-soft.ru/support/secure/uyazvimosti/mnozhestvennye-uyazvimosti-firefox-cve-2023-1945-cve-2023-29531-cve-2023-29532-cve-2023-29533-cve-20/\nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/\nhttps://altsp.su/obnovleniya-bezopasnosti/\nhttps://altsp.su/obnovleniya-bezopasnosti/",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-787",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,8)"
}
CNVD-2023-55348
Vulnerability from cnvd - Published: 2023-07-11
VLAI Severity ?
Title
Mozilla Firefox ESR缓冲区溢出漏洞(CNVD-2023-55348)
Description
Mozilla Firefox ESR是美国Mozilla基金会的Firefox(Web浏览器)的一个延长支持版本。
Mozilla Firefox ESR存在安全漏洞。攻击者可利用该漏洞使用WebGL API导致越界内存访问,从而导致内存损坏和进程崩溃。
Severity
高
Patch Name
Mozilla Firefox ESR缓冲区溢出漏洞(CNVD-2023-55348)的补丁
Patch Description
Mozilla Firefox ESR是美国Mozilla基金会的Firefox(Web浏览器)的一个延长支持版本。
Mozilla Firefox ESR存在安全漏洞。攻击者可利用该漏洞使用WebGL API导致越界内存访问,从而导致内存损坏和进程崩溃。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://www.mozilla.org/en-US/security/advisories/mfsa2023-14/#CVE-2023-29531
Reference
https://nvd.nist.gov/vuln/detail/CVE-2023-29531
Impacted products
| Name | ['Mozilla Firefox <112.0', 'Mozilla Firefox ESR <102.10', 'Mozilla Thunderbird <102.10'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2023-29531",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2023-29531"
}
},
"description": "Mozilla Firefox ESR\u662f\u7f8e\u56fdMozilla\u57fa\u91d1\u4f1a\u7684Firefox(Web\u6d4f\u89c8\u5668)\u7684\u4e00\u4e2a\u5ef6\u957f\u652f\u6301\u7248\u672c\u3002\n\nMozilla Firefox ESR\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4f7f\u7528WebGL API\u5bfc\u81f4\u8d8a\u754c\u5185\u5b58\u8bbf\u95ee\uff0c\u4ece\u800c\u5bfc\u81f4\u5185\u5b58\u635f\u574f\u548c\u8fdb\u7a0b\u5d29\u6e83\u3002",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a \r\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2023-14/#CVE-2023-29531",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2023-55348",
"openTime": "2023-07-11",
"patchDescription": "Mozilla Firefox ESR\u662f\u7f8e\u56fdMozilla\u57fa\u91d1\u4f1a\u7684Firefox(Web\u6d4f\u89c8\u5668)\u7684\u4e00\u4e2a\u5ef6\u957f\u652f\u6301\u7248\u672c\u3002\r\n\r\nMozilla Firefox ESR\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4f7f\u7528WebGL API\u5bfc\u81f4\u8d8a\u754c\u5185\u5b58\u8bbf\u95ee\uff0c\u4ece\u800c\u5bfc\u81f4\u5185\u5b58\u635f\u574f\u548c\u8fdb\u7a0b\u5d29\u6e83\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Mozilla Firefox ESR\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2023-55348\uff09\u7684\u8865\u4e01",
"products": {
"product": [
"Mozilla Firefox \u003c112.0",
"Mozilla Firefox ESR \u003c102.10",
"Mozilla Thunderbird \u003c102.10"
]
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2023-29531",
"serverity": "\u9ad8",
"submitTime": "2023-06-28",
"title": "Mozilla Firefox ESR\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2023-55348\uff09"
}
FKIE_CVE-2023-29531
Vulnerability from fkie_nvd - Published: 2023-06-19 10:15 - Updated: 2024-12-11 16:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.
*This bug only affects Firefox and Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | thunderbird | * | |
| apple | macos | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6578F4-B46C-473F-8A17-CA6026C32FBE",
"versionEndExcluding": "112.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03736567-251A-4F75-992E-AB7C957FB587",
"versionEndExcluding": "102.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C8C9D9E-9BDA-475D-B7D6-10D1C6E9DD72",
"versionEndExcluding": "102.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.\n\n*This bug only affects Firefox and\u00a0Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n"
}
],
"id": "CVE-2023-29531",
"lastModified": "2024-12-11T16:15:08.690",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-06-19T10:15:09.373",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Permissions Required"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1794292"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-13/"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-14/"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-15/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1794292"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-13/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-14/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-15/"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
GHSA-X2CJ-CP2C-FXVP
Vulnerability from github – Published: 2023-06-19 12:30 – Updated: 2024-12-11 18:30
VLAI?
Details
An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.
This bug only affects Firefox and Thunderbird for macOS. Other operating systems are unaffected. This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.
Severity ?
9.8 (Critical)
{
"affected": [],
"aliases": [
"CVE-2023-29531"
],
"database_specific": {
"cwe_ids": [
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-19T10:15:09Z",
"severity": "CRITICAL"
},
"details": "An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.\n\n*This bug only affects Firefox and\u00a0Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n",
"id": "GHSA-x2cj-cp2c-fxvp",
"modified": "2024-12-11T18:30:35Z",
"published": "2023-06-19T12:30:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29531"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1794292"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-13"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-14"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-15"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2023-29531
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.
*This bug only affects Firefox and Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-29531",
"id": "GSD-2023-29531"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-29531"
],
"details": "An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.\n\n*This bug only affects Firefox and\u00a0Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n",
"id": "GSD-2023-29531",
"modified": "2023-12-13T01:20:57.359421Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2023-29531",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "unspecified",
"version_value": "112"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "unspecified",
"version_value": "102.10"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "unspecified",
"version_value": "102.10"
}
]
}
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"credits": [
{
"lang": "en",
"value": "DoHyun Lee"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.\n\n*This bug only affects Firefox and\u00a0Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bound memory access in WebGL on macOS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1794292",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1794292"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2023-13/",
"refsource": "MISC",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-13/"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2023-14/",
"refsource": "MISC",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-14/"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2023-15/",
"refsource": "MISC",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-15/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "112.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "102.10",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "102.10",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2023-29531"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.\n\n*This bug only affects Firefox and\u00a0Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mozilla.org/security/advisories/mfsa2023-14/",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-14/"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2023-13/",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-13/"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1794292",
"refsource": "MISC",
"tags": [
"Permissions Required"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1794292"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2023-15/",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-15/"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-06-27T08:28Z",
"publishedDate": "2023-06-19T10:15Z"
}
}
}
OPENSUSE-SU-2024:12852-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
MozillaThunderbird-102.10.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: MozillaThunderbird-102.10.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the MozillaThunderbird-102.10.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-12852
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.1 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.2 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
9.8 (Critical)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
9.8 (Critical)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
47 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "MozillaThunderbird-102.10.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the MozillaThunderbird-102.10.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12852",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12852-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0547 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0547/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1945 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28427 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28427/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29479 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29479/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29531 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29532 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29532/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29533 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29533/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29535 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29536 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29539 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29541 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29542 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29542/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29545 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29548 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29550 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29550/"
}
],
"title": "MozillaThunderbird-102.10.0-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12852-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-102.10.0-1.1.aarch64",
"product": {
"name": "MozillaThunderbird-102.10.0-1.1.aarch64",
"product_id": "MozillaThunderbird-102.10.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"product": {
"name": "MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"product_id": "MozillaThunderbird-translations-common-102.10.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"product": {
"name": "MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"product_id": "MozillaThunderbird-translations-other-102.10.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-102.10.0-1.1.ppc64le",
"product": {
"name": "MozillaThunderbird-102.10.0-1.1.ppc64le",
"product_id": "MozillaThunderbird-102.10.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"product": {
"name": "MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"product_id": "MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"product": {
"name": "MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"product_id": "MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-102.10.0-1.1.s390x",
"product": {
"name": "MozillaThunderbird-102.10.0-1.1.s390x",
"product_id": "MozillaThunderbird-102.10.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"product": {
"name": "MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"product_id": "MozillaThunderbird-translations-common-102.10.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"product": {
"name": "MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"product_id": "MozillaThunderbird-translations-other-102.10.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-102.10.0-1.1.x86_64",
"product": {
"name": "MozillaThunderbird-102.10.0-1.1.x86_64",
"product_id": "MozillaThunderbird-102.10.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"product": {
"name": "MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"product_id": "MozillaThunderbird-translations-common-102.10.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-102.10.0-1.1.x86_64",
"product": {
"name": "MozillaThunderbird-translations-other-102.10.0-1.1.x86_64",
"product_id": "MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-102.10.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64"
},
"product_reference": "MozillaThunderbird-102.10.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-102.10.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le"
},
"product_reference": "MozillaThunderbird-102.10.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-102.10.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x"
},
"product_reference": "MozillaThunderbird-102.10.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-102.10.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64"
},
"product_reference": "MozillaThunderbird-102.10.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-102.10.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64"
},
"product_reference": "MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le"
},
"product_reference": "MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-102.10.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x"
},
"product_reference": "MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-102.10.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-102.10.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64"
},
"product_reference": "MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le"
},
"product_reference": "MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-102.10.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x"
},
"product_reference": "MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-102.10.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-other-102.10.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-0547",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0547"
}
],
"notes": [
{
"category": "general",
"text": "OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted. Thunderbird versions from 68 to 102.9.1 were affected by this bug. This vulnerability affects Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0547",
"url": "https://www.suse.com/security/cve/CVE-2023-0547"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-0547",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-0547"
},
{
"cve": "CVE-2023-1945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1945"
}
],
"notes": [
{
"category": "general",
"text": "Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 102.10 and Firefox ESR \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1945",
"url": "https://www.suse.com/security/cve/CVE-2023-1945"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-1945",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-1945"
},
{
"cve": "CVE-2023-28427",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28427"
}
],
"notes": [
{
"category": "general",
"text": "matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 24.0.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer\u0027s ability to process data safely. Note that the matrix-js-sdk can appear to be operating normally but be excluding or corrupting runtime data presented to the consumer. This vulnerability is distinct from GHSA-rfv9-x7hh-xc32 which covers a similar issue. The issue has been patched in matrix-js-sdk 24.0.0 and users are advised to upgrade. There are no known workarounds for this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28427",
"url": "https://www.suse.com/security/cve/CVE-2023-28427"
},
{
"category": "external",
"summary": "SUSE Bug 1209953 for CVE-2023-28427",
"url": "https://bugzilla.suse.com/1209953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-28427"
},
{
"cve": "CVE-2023-29479",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29479"
}
],
"notes": [
{
"category": "general",
"text": "Ribose RNP before 0.16.3 may hang when the input is malformed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29479",
"url": "https://www.suse.com/security/cve/CVE-2023-29479"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29479",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29479"
},
{
"cve": "CVE-2023-29531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29531"
}
],
"notes": [
{
"category": "general",
"text": "An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.\n\n*This bug only affects Firefox and Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29531",
"url": "https://www.suse.com/security/cve/CVE-2023-29531"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29531",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29531"
},
{
"cve": "CVE-2023-29532",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29532"
}
],
"notes": [
{
"category": "general",
"text": "A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server.\n\n*Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29532",
"url": "https://www.suse.com/security/cve/CVE-2023-29532"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29532",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29532"
},
{
"cve": "CVE-2023-29533",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29533"
}
],
"notes": [
{
"category": "general",
"text": "A website could have obscured the fullscreen notification by using a combination of \u003ccode\u003ewindow.open\u003c/code\u003e, fullscreen requests, \u003ccode\u003ewindow.name\u003c/code\u003e assignments, and \u003ccode\u003esetInterval\u003c/code\u003e calls. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29533",
"url": "https://www.suse.com/security/cve/CVE-2023-29533"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29533",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29533"
},
{
"cve": "CVE-2023-29535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29535"
}
],
"notes": [
{
"category": "general",
"text": "Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29535",
"url": "https://www.suse.com/security/cve/CVE-2023-29535"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29535",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29535"
},
{
"cve": "CVE-2023-29536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29536"
}
],
"notes": [
{
"category": "general",
"text": "An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29536",
"url": "https://www.suse.com/security/cve/CVE-2023-29536"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29536",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29536"
},
{
"cve": "CVE-2023-29539",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29539"
}
],
"notes": [
{
"category": "general",
"text": "When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. This could have led to reflected file download attacks potentially tricking users to install malware. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29539",
"url": "https://www.suse.com/security/cve/CVE-2023-29539"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29539",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29539"
},
{
"cve": "CVE-2023-29541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29541"
}
],
"notes": [
{
"category": "general",
"text": "Firefox did not properly handle downloads of files ending in \u003ccode\u003e.desktop\u003c/code\u003e, which can be interpreted to run attacker-controlled commands. \u003cbr\u003e*This bug only affects Firefox for Linux on certain Distributions. Other operating systems are unaffected, and Mozilla is unable to enumerate all affected Linux Distributions.*. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29541",
"url": "https://www.suse.com/security/cve/CVE-2023-29541"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29541",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29541"
},
{
"cve": "CVE-2023-29542",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29542"
}
],
"notes": [
{
"category": "general",
"text": "A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download. This could have led to accidental execution of malicious code.\n\n*This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox and Thunderbird are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29542",
"url": "https://www.suse.com/security/cve/CVE-2023-29542"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29542",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29542"
},
{
"cve": "CVE-2023-29545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29545"
}
],
"notes": [
{
"category": "general",
"text": "Similar to CVE-2023-28163, this time when choosing \u0027Save Link As\u0027, suggested filenames containing environment variable names would have resolved those in the context of the current user. \n\n*This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox and Thunderbird are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29545",
"url": "https://www.suse.com/security/cve/CVE-2023-29545"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29545",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29545"
},
{
"cve": "CVE-2023-29548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29548"
}
],
"notes": [
{
"category": "general",
"text": "A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29548",
"url": "https://www.suse.com/security/cve/CVE-2023-29548"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29548",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29548"
},
{
"cve": "CVE-2023-29550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29550"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla developers Randell Jesup, Andrew Osmond, Sebastian Hengst, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 111 and Firefox ESR 102.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29550",
"url": "https://www.suse.com/security/cve/CVE-2023-29550"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29550",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29550"
}
]
}
OPENSUSE-SU-2024:12856-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
libmozjs-102-0-102.10.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: libmozjs-102-0-102.10.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the libmozjs-102-0-102.10.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-12856
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.1 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
9.8 (Critical)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
9.8 (Critical)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
38 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libmozjs-102-0-102.10.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libmozjs-102-0-102.10.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12856",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12856-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1945 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29531 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29532 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29532/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29533 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29533/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29535 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29536 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29539 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29541 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29542 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29542/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29545 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29548 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29550 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29550/"
}
],
"title": "libmozjs-102-0-102.10.0-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12856-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libmozjs-102-0-102.10.0-1.1.aarch64",
"product": {
"name": "libmozjs-102-0-102.10.0-1.1.aarch64",
"product_id": "libmozjs-102-0-102.10.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mozjs102-102.10.0-1.1.aarch64",
"product": {
"name": "mozjs102-102.10.0-1.1.aarch64",
"product_id": "mozjs102-102.10.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mozjs102-devel-102.10.0-1.1.aarch64",
"product": {
"name": "mozjs102-devel-102.10.0-1.1.aarch64",
"product_id": "mozjs102-devel-102.10.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libmozjs-102-0-102.10.0-1.1.ppc64le",
"product": {
"name": "libmozjs-102-0-102.10.0-1.1.ppc64le",
"product_id": "libmozjs-102-0-102.10.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mozjs102-102.10.0-1.1.ppc64le",
"product": {
"name": "mozjs102-102.10.0-1.1.ppc64le",
"product_id": "mozjs102-102.10.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mozjs102-devel-102.10.0-1.1.ppc64le",
"product": {
"name": "mozjs102-devel-102.10.0-1.1.ppc64le",
"product_id": "mozjs102-devel-102.10.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libmozjs-102-0-102.10.0-1.1.s390x",
"product": {
"name": "libmozjs-102-0-102.10.0-1.1.s390x",
"product_id": "libmozjs-102-0-102.10.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mozjs102-102.10.0-1.1.s390x",
"product": {
"name": "mozjs102-102.10.0-1.1.s390x",
"product_id": "mozjs102-102.10.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mozjs102-devel-102.10.0-1.1.s390x",
"product": {
"name": "mozjs102-devel-102.10.0-1.1.s390x",
"product_id": "mozjs102-devel-102.10.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libmozjs-102-0-102.10.0-1.1.x86_64",
"product": {
"name": "libmozjs-102-0-102.10.0-1.1.x86_64",
"product_id": "libmozjs-102-0-102.10.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozjs102-102.10.0-1.1.x86_64",
"product": {
"name": "mozjs102-102.10.0-1.1.x86_64",
"product_id": "mozjs102-102.10.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozjs102-devel-102.10.0-1.1.x86_64",
"product": {
"name": "mozjs102-devel-102.10.0-1.1.x86_64",
"product_id": "mozjs102-devel-102.10.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libmozjs-102-0-102.10.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64"
},
"product_reference": "libmozjs-102-0-102.10.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmozjs-102-0-102.10.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le"
},
"product_reference": "libmozjs-102-0-102.10.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmozjs-102-0-102.10.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x"
},
"product_reference": "libmozjs-102-0-102.10.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmozjs-102-0-102.10.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64"
},
"product_reference": "libmozjs-102-0-102.10.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozjs102-102.10.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64"
},
"product_reference": "mozjs102-102.10.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozjs102-102.10.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le"
},
"product_reference": "mozjs102-102.10.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozjs102-102.10.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x"
},
"product_reference": "mozjs102-102.10.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozjs102-102.10.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64"
},
"product_reference": "mozjs102-102.10.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozjs102-devel-102.10.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64"
},
"product_reference": "mozjs102-devel-102.10.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozjs102-devel-102.10.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le"
},
"product_reference": "mozjs102-devel-102.10.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozjs102-devel-102.10.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x"
},
"product_reference": "mozjs102-devel-102.10.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozjs102-devel-102.10.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
},
"product_reference": "mozjs102-devel-102.10.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-1945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1945"
}
],
"notes": [
{
"category": "general",
"text": "Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 102.10 and Firefox ESR \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1945",
"url": "https://www.suse.com/security/cve/CVE-2023-1945"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-1945",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-1945"
},
{
"cve": "CVE-2023-29531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29531"
}
],
"notes": [
{
"category": "general",
"text": "An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.\n\n*This bug only affects Firefox and Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29531",
"url": "https://www.suse.com/security/cve/CVE-2023-29531"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29531",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29531"
},
{
"cve": "CVE-2023-29532",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29532"
}
],
"notes": [
{
"category": "general",
"text": "A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server.\n\n*Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29532",
"url": "https://www.suse.com/security/cve/CVE-2023-29532"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29532",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29532"
},
{
"cve": "CVE-2023-29533",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29533"
}
],
"notes": [
{
"category": "general",
"text": "A website could have obscured the fullscreen notification by using a combination of \u003ccode\u003ewindow.open\u003c/code\u003e, fullscreen requests, \u003ccode\u003ewindow.name\u003c/code\u003e assignments, and \u003ccode\u003esetInterval\u003c/code\u003e calls. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29533",
"url": "https://www.suse.com/security/cve/CVE-2023-29533"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29533",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29533"
},
{
"cve": "CVE-2023-29535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29535"
}
],
"notes": [
{
"category": "general",
"text": "Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29535",
"url": "https://www.suse.com/security/cve/CVE-2023-29535"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29535",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29535"
},
{
"cve": "CVE-2023-29536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29536"
}
],
"notes": [
{
"category": "general",
"text": "An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29536",
"url": "https://www.suse.com/security/cve/CVE-2023-29536"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29536",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29536"
},
{
"cve": "CVE-2023-29539",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29539"
}
],
"notes": [
{
"category": "general",
"text": "When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. This could have led to reflected file download attacks potentially tricking users to install malware. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29539",
"url": "https://www.suse.com/security/cve/CVE-2023-29539"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29539",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29539"
},
{
"cve": "CVE-2023-29541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29541"
}
],
"notes": [
{
"category": "general",
"text": "Firefox did not properly handle downloads of files ending in \u003ccode\u003e.desktop\u003c/code\u003e, which can be interpreted to run attacker-controlled commands. \u003cbr\u003e*This bug only affects Firefox for Linux on certain Distributions. Other operating systems are unaffected, and Mozilla is unable to enumerate all affected Linux Distributions.*. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29541",
"url": "https://www.suse.com/security/cve/CVE-2023-29541"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29541",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29541"
},
{
"cve": "CVE-2023-29542",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29542"
}
],
"notes": [
{
"category": "general",
"text": "A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download. This could have led to accidental execution of malicious code.\n\n*This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox and Thunderbird are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29542",
"url": "https://www.suse.com/security/cve/CVE-2023-29542"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29542",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29542"
},
{
"cve": "CVE-2023-29545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29545"
}
],
"notes": [
{
"category": "general",
"text": "Similar to CVE-2023-28163, this time when choosing \u0027Save Link As\u0027, suggested filenames containing environment variable names would have resolved those in the context of the current user. \n\n*This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox and Thunderbird are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29545",
"url": "https://www.suse.com/security/cve/CVE-2023-29545"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29545",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29545"
},
{
"cve": "CVE-2023-29548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29548"
}
],
"notes": [
{
"category": "general",
"text": "A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29548",
"url": "https://www.suse.com/security/cve/CVE-2023-29548"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29548",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29548"
},
{
"cve": "CVE-2023-29550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29550"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla developers Randell Jesup, Andrew Osmond, Sebastian Hengst, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 111 and Firefox ESR 102.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29550",
"url": "https://www.suse.com/security/cve/CVE-2023-29550"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29550",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.10.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.10.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29550"
}
]
}
OPENSUSE-SU-2024:12882-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
MozillaFirefox-112.0.1-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: MozillaFirefox-112.0.1-1.1 on GA media
Description of the patch: These are all security issues fixed in the MozillaFirefox-112.0.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-12882
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
9.8 (Critical)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
9.1 (Critical)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.1 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
9.8 (Critical)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
not set
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
64 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "MozillaFirefox-112.0.1-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the MozillaFirefox-112.0.1-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12882",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12882-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29531 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29532 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29532/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29533 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29533/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29534 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29534/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29535 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29536 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29537 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29538 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29538/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29539 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29540 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29541 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29542 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29542/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29543 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29544 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29544/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29545 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29546 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29547 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29547/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29548 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29549 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29549/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29550 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29551 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29551/"
}
],
"title": "MozillaFirefox-112.0.1-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12882-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-112.0.1-1.1.aarch64",
"product": {
"name": "MozillaFirefox-112.0.1-1.1.aarch64",
"product_id": "MozillaFirefox-112.0.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"product": {
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"product_id": "MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-112.0.1-1.1.aarch64",
"product": {
"name": "MozillaFirefox-devel-112.0.1-1.1.aarch64",
"product_id": "MozillaFirefox-devel-112.0.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"product_id": "MozillaFirefox-translations-common-112.0.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"product_id": "MozillaFirefox-translations-other-112.0.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-112.0.1-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-112.0.1-1.1.ppc64le",
"product_id": "MozillaFirefox-112.0.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"product_id": "MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"product_id": "MozillaFirefox-devel-112.0.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"product_id": "MozillaFirefox-translations-common-112.0.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"product_id": "MozillaFirefox-translations-other-112.0.1-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-112.0.1-1.1.s390x",
"product": {
"name": "MozillaFirefox-112.0.1-1.1.s390x",
"product_id": "MozillaFirefox-112.0.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"product": {
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"product_id": "MozillaFirefox-branding-upstream-112.0.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-112.0.1-1.1.s390x",
"product": {
"name": "MozillaFirefox-devel-112.0.1-1.1.s390x",
"product_id": "MozillaFirefox-devel-112.0.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"product": {
"name": "MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"product_id": "MozillaFirefox-translations-common-112.0.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"product": {
"name": "MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"product_id": "MozillaFirefox-translations-other-112.0.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-112.0.1-1.1.x86_64",
"product": {
"name": "MozillaFirefox-112.0.1-1.1.x86_64",
"product_id": "MozillaFirefox-112.0.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"product": {
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"product_id": "MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-112.0.1-1.1.x86_64",
"product": {
"name": "MozillaFirefox-devel-112.0.1-1.1.x86_64",
"product_id": "MozillaFirefox-devel-112.0.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"product_id": "MozillaFirefox-translations-common-112.0.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-112.0.1-1.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-other-112.0.1-1.1.x86_64",
"product_id": "MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-112.0.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64"
},
"product_reference": "MozillaFirefox-112.0.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-112.0.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-112.0.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-112.0.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x"
},
"product_reference": "MozillaFirefox-112.0.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-112.0.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64"
},
"product_reference": "MozillaFirefox-112.0.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64"
},
"product_reference": "MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x"
},
"product_reference": "MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64"
},
"product_reference": "MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-112.0.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64"
},
"product_reference": "MozillaFirefox-devel-112.0.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-112.0.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-112.0.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x"
},
"product_reference": "MozillaFirefox-devel-112.0.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-112.0.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-112.0.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-112.0.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-112.0.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-112.0.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x"
},
"product_reference": "MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-112.0.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-112.0.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-112.0.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-112.0.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x"
},
"product_reference": "MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-112.0.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-other-112.0.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-29531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29531"
}
],
"notes": [
{
"category": "general",
"text": "An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.\n\n*This bug only affects Firefox and Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29531",
"url": "https://www.suse.com/security/cve/CVE-2023-29531"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29531",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29531"
},
{
"cve": "CVE-2023-29532",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29532"
}
],
"notes": [
{
"category": "general",
"text": "A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server.\n\n*Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29532",
"url": "https://www.suse.com/security/cve/CVE-2023-29532"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29532",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29532"
},
{
"cve": "CVE-2023-29533",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29533"
}
],
"notes": [
{
"category": "general",
"text": "A website could have obscured the fullscreen notification by using a combination of \u003ccode\u003ewindow.open\u003c/code\u003e, fullscreen requests, \u003ccode\u003ewindow.name\u003c/code\u003e assignments, and \u003ccode\u003esetInterval\u003c/code\u003e calls. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29533",
"url": "https://www.suse.com/security/cve/CVE-2023-29533"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29533",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29533"
},
{
"cve": "CVE-2023-29534",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29534"
}
],
"notes": [
{
"category": "general",
"text": "Different techniques existed to obscure the fullscreen notification in Firefox and Focus for Android. These could have led to potential user confusion and spoofing attacks.\n\n*This bug only affects Firefox and Focus for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android \u003c 112 and Focus for Android \u003c 112.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29534",
"url": "https://www.suse.com/security/cve/CVE-2023-29534"
},
{
"category": "external",
"summary": "SUSE Bug 1212529 for CVE-2023-29534",
"url": "https://bugzilla.suse.com/1212529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-29534"
},
{
"cve": "CVE-2023-29535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29535"
}
],
"notes": [
{
"category": "general",
"text": "Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29535",
"url": "https://www.suse.com/security/cve/CVE-2023-29535"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29535",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29535"
},
{
"cve": "CVE-2023-29536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29536"
}
],
"notes": [
{
"category": "general",
"text": "An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29536",
"url": "https://www.suse.com/security/cve/CVE-2023-29536"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29536",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29536"
},
{
"cve": "CVE-2023-29537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29537"
}
],
"notes": [
{
"category": "general",
"text": "Multiple race conditions in the font initialization could have led to memory corruption and execution of attacker-controlled code. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29537",
"url": "https://www.suse.com/security/cve/CVE-2023-29537"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29537",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29537"
},
{
"cve": "CVE-2023-29538",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29538"
}
],
"notes": [
{
"category": "general",
"text": "Under specific circumstances a WebExtension may have received a \u003ccode\u003ejar:file:///\u003c/code\u003e URI instead of a \u003ccode\u003emoz-extension:///\u003c/code\u003e URI during a load request. This leaked directory paths on the user\u0027s machine. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29538",
"url": "https://www.suse.com/security/cve/CVE-2023-29538"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29538",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29538"
},
{
"cve": "CVE-2023-29539",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29539"
}
],
"notes": [
{
"category": "general",
"text": "When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. This could have led to reflected file download attacks potentially tricking users to install malware. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29539",
"url": "https://www.suse.com/security/cve/CVE-2023-29539"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29539",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29539"
},
{
"cve": "CVE-2023-29540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29540"
}
],
"notes": [
{
"category": "general",
"text": "Using a redirect embedded into \u003ccode\u003esourceMappingUrls\u003c/code\u003e could allow for navigation to external protocol links in sandboxed iframes without \u003ccode\u003eallow-top-navigation-to-custom-protocols\u003c/code\u003e. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29540",
"url": "https://www.suse.com/security/cve/CVE-2023-29540"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29540",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29540"
},
{
"cve": "CVE-2023-29541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29541"
}
],
"notes": [
{
"category": "general",
"text": "Firefox did not properly handle downloads of files ending in \u003ccode\u003e.desktop\u003c/code\u003e, which can be interpreted to run attacker-controlled commands. \u003cbr\u003e*This bug only affects Firefox for Linux on certain Distributions. Other operating systems are unaffected, and Mozilla is unable to enumerate all affected Linux Distributions.*. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29541",
"url": "https://www.suse.com/security/cve/CVE-2023-29541"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29541",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29541"
},
{
"cve": "CVE-2023-29542",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29542"
}
],
"notes": [
{
"category": "general",
"text": "A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download. This could have led to accidental execution of malicious code.\n\n*This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox and Thunderbird are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29542",
"url": "https://www.suse.com/security/cve/CVE-2023-29542"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29542",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29542"
},
{
"cve": "CVE-2023-29543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29543"
}
],
"notes": [
{
"category": "general",
"text": "An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object\u0027s debugger vector. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29543",
"url": "https://www.suse.com/security/cve/CVE-2023-29543"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29543",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29543"
},
{
"cve": "CVE-2023-29544",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29544"
}
],
"notes": [
{
"category": "general",
"text": "If multiple instances of resource exhaustion occurred at the incorrect time, the garbage collector could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29544",
"url": "https://www.suse.com/security/cve/CVE-2023-29544"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29544",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29544"
},
{
"cve": "CVE-2023-29545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29545"
}
],
"notes": [
{
"category": "general",
"text": "Similar to CVE-2023-28163, this time when choosing \u0027Save Link As\u0027, suggested filenames containing environment variable names would have resolved those in the context of the current user. \n\n*This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox and Thunderbird are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29545",
"url": "https://www.suse.com/security/cve/CVE-2023-29545"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29545",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29545"
},
{
"cve": "CVE-2023-29546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29546"
}
],
"notes": [
{
"category": "general",
"text": "When recording the screen while in Private Browsing on Firefox for Android the address bar and keyboard were not hidden, potentially leaking sensitive information. \n\n*This bug only affects Firefox for Android. Other operating systems are unaffected.* This vulnerability affects Firefox for Android \u003c 112 and Focus for Android \u003c 112.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29546",
"url": "https://www.suse.com/security/cve/CVE-2023-29546"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "not set"
}
],
"title": "CVE-2023-29546"
},
{
"cve": "CVE-2023-29547",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29547"
}
],
"notes": [
{
"category": "general",
"text": "When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently failed. This could have led to a desynchronization in expected results when reading from the secure cookie. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29547",
"url": "https://www.suse.com/security/cve/CVE-2023-29547"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29547",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29547"
},
{
"cve": "CVE-2023-29548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29548"
}
],
"notes": [
{
"category": "general",
"text": "A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29548",
"url": "https://www.suse.com/security/cve/CVE-2023-29548"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29548",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29548"
},
{
"cve": "CVE-2023-29549",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29549"
}
],
"notes": [
{
"category": "general",
"text": "Under certain circumstances, a call to the \u003ccode\u003ebind\u003c/code\u003e function may have resulted in the incorrect realm. This may have created a vulnerability relating to JavaScript-implemented sandboxes such as SES. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29549",
"url": "https://www.suse.com/security/cve/CVE-2023-29549"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29549",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29549"
},
{
"cve": "CVE-2023-29550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29550"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla developers Randell Jesup, Andrew Osmond, Sebastian Hengst, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 111 and Firefox ESR 102.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29550",
"url": "https://www.suse.com/security/cve/CVE-2023-29550"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29550",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29550"
},
{
"cve": "CVE-2023-29551",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29551"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla developers Randell Jesup, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29551",
"url": "https://www.suse.com/security/cve/CVE-2023-29551"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29551",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29551"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…