Download
| Alert*
oval:org.secpod.oval:def:78183
firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:89045917 This update for MozillaFirefox fixes the following issues: - CVE-2021-4140: Fixed iframe sandbox bypass with XSLT . - CVE-2022-22737: Fixed race condition when playing audio files . - CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur . - CVE-2022-22739: Fixed missing throttling on exte ... oval:org.secpod.oval:def:78147 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, denial of service or spoofing. oval:org.secpod.oval:def:506652 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.5.0. Security Fix: * Mozilla: Iframe sandbox bypass with XSLT * Mozilla: Race condition when playing audio files * Mozilla: Heap-buffer-overflow in blendGaussianBlur * Mozilla: Use-after- ... oval:org.secpod.oval:def:78148 Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:506651 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Security Fix: * Mozilla: Iframe sandbox bypass with XSLT * Mozilla: Race condition when playing audio files * Mozilla: Heap-buffer-ove ... oval:org.secpod.oval:def:89045904 This update for MozillaFirefox fixes the following issues: - CVE-2021-4140: Fixed iframe sandbox bypass with XSLT . - CVE-2022-22737: Fixed race condition when playing audio files . - CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur . - CVE-2022-22739: Fixed missing throttling on exte ... oval:org.secpod.oval:def:506647 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.5.0. Security Fix: * Mozilla: Iframe sandbox bypass with XSLT * Mozilla: Race condition when playing audio files * Mozilla: Heap-buffer-overflow in blendGaussianBlur * Mozilla: Use-after- ... oval:org.secpod.oval:def:89045911 This update for MozillaFirefox fixes the following issues: - CVE-2021-4140: Fixed iframe sandbox bypass with XSLT . - CVE-2022-22737: Fixed race condition when playing audio files . - CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur . - CVE-2022-22739: Fixed missing throttling on exte ... oval:org.secpod.oval:def:89045930 This update for MozillaFirefox fixes the following issues: - CVE-2021-4140: Fixed iframe sandbox bypass with XSLT . - CVE-2022-22737: Fixed race condition when playing audio files . - CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur . - CVE-2022-22739: Fixed missing throttling on exte ... oval:org.secpod.oval:def:506649 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Security Fix: * Mozilla: Iframe sandbox bypass with XSLT * Mozilla: Race condition when playing audio files * Mozilla: Heap-buffer-ove ... oval:org.secpod.oval:def:1700938 crossbeam-deque is a package of work-stealing deques for building task schedulers when programming in Rust. In versions prior to 0.7.4 and 0.8.0, the result of the race condition is that one or more tasks in the worker queue can be popped twice instead of other tasks that are forgotten and never pop ... oval:org.secpod.oval:def:2500529 Mozilla Thunderbird is a standalone mail and newsgroup client. oval:org.secpod.oval:def:605744 Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:4501105 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.5.0. Security Fix: * Mozilla: Iframe sandbox bypass with XSLT * Mozilla: Race condition when playing audio files * Mozilla: Heap-buffer-overflow in blendGaussianBlur * Mozilla: Use-after- ... oval:org.secpod.oval:def:1505371 [91.5.0-1.0.1] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [91.5.0-1] - Update to 91.5.0 build1 oval:org.secpod.oval:def:1505370 [91.5.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [91.5.0-1] - Update to 91.5.0 build1 oval:org.secpod.oval:def:2107115 Oracle Solaris 11 - ( CVE-2021-4140 ) oval:org.secpod.oval:def:706281 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:77233 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-02 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to cause unspecified im ... oval:org.secpod.oval:def:89047449 This update for MozillaFirefox fixes the following issues: - CVE-2021-4140: Fixed iframe sandbox bypass with XSLT . - CVE-2022-22737: Fixed race condition when playing audio files . - CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur . - CVE-2022-22739: Fixed missing throttling on exte ... oval:org.secpod.oval:def:77232 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-03 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to cause unspecified im ... oval:org.secpod.oval:def:1505372 [91.5.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [91.5.0-1] - Update to 91.5.0 build1 oval:org.secpod.oval:def:1505415 [91.5.0-1.0.2] - Enabled aarch64 builds [91.5.0-1.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [91.5.0-1] - Update to 91.5.0 build1 oval:org.secpod.oval:def:205928 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Security Fix: * Mozilla: Iframe sandbox bypass with XSLT * Mozilla: Race condition when playing audio files * Mozilla: Heap-buffer-ove ... oval:org.secpod.oval:def:605741 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, denial of service or spoofing. oval:org.secpod.oval:def:4501070 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Security Fix: * Mozilla: Iframe sandbox bypass with XSLT * Mozilla: Race condition when playing audio files * Mozilla: Heap-buffer-ove ... oval:org.secpod.oval:def:1700864 The Mozilla Foundation Security Advisory describes this flaw as:It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. The Mozilla Foundation Security Advisory describes this flaw as:Constructing audio sinks could have lead to a race condition when playing ... oval:org.secpod.oval:def:205931 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.5.0. Security Fix: * Mozilla: Iframe sandbox bypass with XSLT * Mozilla: Race condition when playing audio files * Mozilla: Heap-buffer-overflow in blendGaussianBlur * Mozilla: Use-after- ... oval:org.secpod.oval:def:77183 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-03 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to cause unspecified im ... oval:org.secpod.oval:def:77182 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-02 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to cause unspecified im ... oval:org.secpod.oval:def:77181 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-01 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to cause unspecified im ... oval:org.secpod.oval:def:2500521 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. oval:org.secpod.oval:def:77186 Mozilla Firefox 96, Mozilla Firefox ESR 91.5 and Mozilla Thunderbird 91.5: Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-buffer-overflow causing a potentially exploitable crash. oval:org.secpod.oval:def:706289 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:706288 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:78188 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:77231 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-01 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to cause unspecified im ... oval:org.secpod.oval:def:77237 Mozilla Firefox 96, Mozilla Firefox ESR 91.5 and Mozilla Thunderbird 91.5: Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-buffer-overflow causing a potentially exploitable crash. |