Download
| Alert*
oval:org.secpod.oval:def:507061
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.11. Security Fix: * Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI * Mozilla: Use-after-free in nsSHistory * Mozilla: A popup window cou ... oval:org.secpod.oval:def:608637 Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:507067 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.11. Security Fix: * Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI * Mozilla: Use-after-free in nsSHistory * Mozilla: A popup window cou ... oval:org.secpod.oval:def:507065 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.11. Security Fix: * Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI * Mozilla: Use-after-free in nsSHistory * Mozilla: A popup window cou ... oval:org.secpod.oval:def:1505858 [91.11.0-2.0.1] - Replaced upstream package with oracle-indexhtml [Orabug: 33802044] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Removed Upstream references [91.11.0-2] - Update to 91.11.0 build2 oval:org.secpod.oval:def:507053 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.11 ESR. Security Fix: * Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI * Mozilla: Use-after- ... oval:org.secpod.oval:def:507052 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.11 ESR. Security Fix: * Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI * Mozilla: Use-after- ... oval:org.secpod.oval:def:507035 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.11 ESR. Security Fix: * Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI * Mozilla: Use-after- ... oval:org.secpod.oval:def:608620 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing. oval:org.secpod.oval:def:3301250 SUSE Security Update: Security update for MozillaThunderbird oval:org.secpod.oval:def:1505865 [91.11.0-2.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Reference oracle-indexhtml within Requires [Orabug: 33802044] [91.11.0-2] - Update to 91.11.0 build2 [91.11.0-1] - Update to 91.11.0 build1 oval:org.secpod.oval:def:1505822 [91.11.0-2.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build [91.11.0-2] - Update to 91.11.0 build2 [91.11.0-1] - Update to 91.11.0 build1 oval:org.secpod.oval:def:81800 Mozilla Firefox ESR 91.11, Mozilla Thunderbird 91.11 and Mozilla Thunderbird 102.0 : An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource, and in doing so bypass a page's Content Security Policy. oval:org.secpod.oval:def:81765 Mozilla Firefox ESR 91.11, Mozilla Thunderbird 91.11 and Mozilla Thunderbird 102 : An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page's Content Security Policy. oval:org.secpod.oval:def:80749 Mozilla Firefox 101.0 : An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page's Content Security Policy. oval:org.secpod.oval:def:2600014 Mozilla Thunderbird is a standalone mail and newsgroup client. oval:org.secpod.oval:def:2107732 Oracle Solaris 11 - ( CVE-2022-2200 ) oval:org.secpod.oval:def:4500948 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.11. Security Fix: * Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI * Mozilla: Use-after-free in nsSHistory * Mozilla: A popup window cou ... oval:org.secpod.oval:def:1505797 [91.11.0-2.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [91.11.0-2] - Update to 91.11.0 build2 [91.11.0-1] - Update to 91.11.0 build1 oval:org.secpod.oval:def:2107905 Oracle Solaris 11 - ( CVE-2022-34484 ) oval:org.secpod.oval:def:1505796 [91.11.0-2.0.1] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [91.11.0-2] - Update to 91.11.0 build2 [91.11.0-1] - Update to 91.11.0 build1 oval:org.secpod.oval:def:89047445 This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 91.11.0 ESR : - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution - CVE-2022-31744: CSP bypass enabling stylesheet injection - CVE-2022-34468: CSP sandbox header wit ... oval:org.secpod.oval:def:89046753 This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 91.11.0 ESR : - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution - CVE-2022-31744: CSP bypass enabling stylesheet injection - CVE-2022-34468: CSP sandbox header wit ... oval:org.secpod.oval:def:81760 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-26 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:3300595 SUSE Security Update: Security update for MozillaThunderbird oval:org.secpod.oval:def:1505798 [91.11.0-2.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Enabled aarch64 build [91.11.0-2] - Update to 91.11.0 build2 [91.11.0-1] - Update to 91.11.0 bui ... oval:org.secpod.oval:def:205967 Security Fix: Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI Mozilla: Use-after-free in nsSHistory Mozilla: A popup window could be resized in a way to overlay the address bar with web content Mozilla: Memory safety bugs fixed in Firefox 102 and ... oval:org.secpod.oval:def:205969 Security Fix: Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI Mozilla: Use-after-free in nsSHistory Mozilla: A popup window could be resized in a way to overlay the address bar with web content Mozilla: Memory safety bugs fixed in Firefox 102 and ... oval:org.secpod.oval:def:81761 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-25 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:3300634 SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:88372 Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:88370 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing. oval:org.secpod.oval:def:4500978 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.11 ESR. Security Fix: * Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI * Mozilla: Use-after- ... oval:org.secpod.oval:def:89046747 This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 91.11.0 ESR : - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution - CVE-2022-31744: CSP bypass enabling stylesheet injection - CVE-2022-34468: CSP sandbox header wit ... oval:org.secpod.oval:def:89046745 This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 91.11.0 ESR : - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution - CVE-2022-31744: CSP bypass enabling stylesheet injection - CVE-2022-34468: CSP sandbox header wit ... oval:org.secpod.oval:def:81797 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-25 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:81796 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-26 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:88541 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:80739 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-20 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:707149 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:80575 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-20 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:80587 Mozilla Firefox 101.0 : An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page's Content Security Policy. |