Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-4863 (GCVE-0-2023-4863)
Vulnerability from cvelistv5 – Published: 2023-09-12 14:24 – Updated: 2025-10-21 23:05
VLAI
EPSS
CISA KEV
Summary
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
Severity
8.8 (High)
CWE
- Heap buffer overflow
Assigner
References
45 references
Impacted products
CISA KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 75d8c2b1-8c26-406a-b06a-7d4b7a0a022c
Exploited: Yes
Timestamps
First Seen: 2023-09-13
Asserted: 2023-09-13
Scope
Notes: KEV entry: Google Chromium WebP Heap-Based Buffer Overflow Vulnerability | Affected: Google / Chromium WebP | Description: Google Chromium WebP contains a heap-based buffer overflow vulnerability that allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. This vulnerability can affect applications that use the WebP Codec. | Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. | Due date: 2023-10-04 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html?m=1; https://nvd.nist.gov/vuln/detail/CVE-2023-4863
Evidence
Type: Vendor Report
Signal: Successful Exploitation
Confidence: 80%
Source: cisa-kev
Details
| Cwes | CWE-787 |
|---|---|
| Feed | CISA Known Exploited Vulnerabilities Catalog |
| Product | Chromium WebP |
| Due Date | 2023-10-04 |
| Date Added | 2023-09-13 |
| Vendorproject | |
| Vulnerabilityname | Google Chromium WebP Heap-Based Buffer Overflow Vulnerability |
| Knownransomwarecampaignuse | Unknown |
References
Created: 2026-02-02 13:24 UTC
| Updated: 2026-02-06 07:53 UTC
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-19T07:48:10.265Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://crbug.com/1479274"
},
{
"tags": [
"x_transferred"
],
"url": "https://en.bandisoft.com/honeyview/history/"
},
{
"tags": [
"x_transferred"
],
"url": "https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a"
},
{
"tags": [
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4863"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2023-4863"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1215231"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37478403"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5496"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5497"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYYKLG6CRGEDTNRBSU26EEWAO6D6U645/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYZV7TMKF4QHZ54SFJX54BDN52VHGGCX/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00015.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5498"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202309-05"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00016.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/"
},
{
"tags": [
"x_transferred"
],
"url": "https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/webmproject/libwebp/releases/tag/v1.3.2"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/21/4"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.isosceles.com/the-webp-0day/"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/4"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/5"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/8"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/7"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/6"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/26/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/26/7"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/4"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230929-0011/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/"
},
{
"tags": [
"x_transferred"
],
"url": "https://sethmlarson.dev/security-developer-in-residence-weekly-report-16"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bentley.com/advisories/be-2023-0001/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"url": "https://www.vicarius.io/vsociety/posts/zero-day-webp-vulnerability-cve-2023-4863"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-4863",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-11-28T05:00:18.341149Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-09-13",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4863"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:38.429Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4863"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-09-13T00:00:00.000Z",
"value": "CVE-2023-4863 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "116.0.5845.187",
"status": "affected",
"version": "116.0.5845.187",
"versionType": "custom"
}
]
},
{
"product": "libwebp",
"vendor": "Google",
"versions": [
{
"lessThan": "1.3.2",
"status": "affected",
"version": "1.3.2",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap buffer overflow",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:07:27.027Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html"
},
{
"url": "https://crbug.com/1479274"
},
{
"url": "https://en.bandisoft.com/honeyview/history/"
},
{
"url": "https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/"
},
{
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/"
},
{
"url": "https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a"
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4863"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2023-4863"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1215231"
},
{
"url": "https://news.ycombinator.com/item?id=37478403"
},
{
"url": "https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5496"
},
{
"url": "https://www.debian.org/security/2023/dsa-5497"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYYKLG6CRGEDTNRBSU26EEWAO6D6U645/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYZV7TMKF4QHZ54SFJX54BDN52VHGGCX/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00015.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5498"
},
{
"url": "https://security.gentoo.org/glsa/202309-05"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00016.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/"
},
{
"url": "https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway/"
},
{
"url": "https://github.com/webmproject/libwebp/releases/tag/v1.3.2"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00017.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/21/4"
},
{
"url": "https://blog.isosceles.com/the-webp-0day/"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/3"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/4"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/5"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/8"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/7"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/26/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/26/7"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/4"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230929-0011/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/"
},
{
"url": "https://sethmlarson.dev/security-developer-in-residence-weekly-report-16"
},
{
"url": "https://www.bentley.com/advisories/be-2023-0001/"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2023-4863",
"datePublished": "2023-09-12T14:24:59.275Z",
"dateReserved": "2023-09-09T01:02:58.312Z",
"dateUpdated": "2025-10-21T23:05:38.429Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2023-4863",
"cwes": "[\"CWE-787\"]",
"dateAdded": "2023-09-13",
"dueDate": "2023-10-04",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html?m=1; https://nvd.nist.gov/vuln/detail/CVE-2023-4863",
"product": "Chromium WebP",
"requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"shortDescription": "Google Chromium WebP contains a heap-based buffer overflow vulnerability that allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. This vulnerability can affect applications that use the WebP Codec.",
"vendorProject": "Google",
"vulnerabilityName": "Google Chromium WebP Heap-Based Buffer Overflow Vulnerability"
},
"epss": {
"cve": "CVE-2023-4863",
"date": "2026-05-29",
"epss": "0.93301",
"percentile": "0.99816"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-4863\",\"sourceIdentifier\":\"chrome-cve-admin@google.com\",\"published\":\"2023-09-12T15:15:24.327\",\"lastModified\":\"2025-10-24T14:07:28.793\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)\"},{\"lang\":\"es\",\"value\":\"El desbordamiento del b\u00fafer de memoria en libwebp en Google Chrome anterior a 116.0.5845.187 y libwebp 1.3.2 permit\u00eda a un atacante remoto realizar una escritura en memoria fuera de los l\u00edmites a trav\u00e9s de una p\u00e1gina HTML manipulada. (Severidad de seguridad de Chromium: cr\u00edtica)\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"cisaExploitAdd\":\"2023-09-13\",\"cisaActionDue\":\"2023-10-04\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Google Chromium WebP Heap-Based Buffer Overflow Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"116.0.5845.187\",\"matchCriteriaId\":\"856C1821-5D22-4A4E-859D-8F5305255AB7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46D69DCC-AE4D-4EA5-861C-D60951444C6C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*\",\"versionEndExcluding\":\"102.15.1\",\"matchCriteriaId\":\"54B8855E-19B9-4D20-9B93-A5219F077335\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*\",\"versionEndExcluding\":\"117.0.1\",\"matchCriteriaId\":\"FBA8858E-AB6C-4708-820D-3F9D8D5A077F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*\",\"versionStartIncluding\":\"115.1.0\",\"versionEndExcluding\":\"115.2.1\",\"matchCriteriaId\":\"6C494574-4187-4BC7-816B-6C1C288D711E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"102.15.1\",\"matchCriteriaId\":\"A073724D-52BD-4426-B58D-7A8BD24B8F8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"115.0\",\"versionEndExcluding\":\"115.2.2\",\"matchCriteriaId\":\"952BEC0C-2DB0-476A-AF62-1269F8635B4A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"116.0.1938.81\",\"matchCriteriaId\":\"0C8F8BD1-1D13-4605-BF19-E4292E2D6A00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:teams:*:*:*:*:*:macos:*:*\",\"versionEndExcluding\":\"1.6.00.26463\",\"matchCriteriaId\":\"11C16818-7453-46CB-89C2-2A4D4452A198\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:teams:*:*:*:*:desktop:*:*:*\",\"versionEndExcluding\":\"1.6.00.26474\",\"matchCriteriaId\":\"46625A28-312D-4406-87AE-8A7C93222A45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:webp_image_extension:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.62681.0\",\"matchCriteriaId\":\"201D3850-75A4-4CB4-A312-B01BF51C7C8A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmproject:libwebp:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.3.2\",\"matchCriteriaId\":\"2804DDE4-B0A4-4B7F-A318-F491B6316B34\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bentley:seequent_leapfrog:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023.2\",\"matchCriteriaId\":\"E50A797C-2C6C-46A5-A9D0-8CD877EBA3CD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bandisoft:honeyview:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.51\",\"matchCriteriaId\":\"A9D1BE06-A20B-43F3-B78D-21F2FF20026C\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/21/4\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/22/1\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/22/3\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/22/4\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/22/5\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/22/6\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/22/7\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/22/8\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/26/1\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/26/7\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/28/1\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/28/2\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/28/4\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://blog.isosceles.com/the-webp-0day/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1215231\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://crbug.com/1479274\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://en.bandisoft.com/honeyview/history/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/webmproject/libwebp/releases/tag/v1.3.2\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/09/msg00015.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/09/msg00016.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/09/msg00017.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYYKLG6CRGEDTNRBSU26EEWAO6D6U645/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYZV7TMKF4QHZ54SFJX54BDN52VHGGCX/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4863\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://news.ycombinator.com/item?id=37478403\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security-tracker.debian.org/tracker/CVE-2023-4863\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202309-05\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202401-10\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20230929-0011/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://sethmlarson.dev/security-developer-in-residence-weekly-report-16\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Exploit\"]},{\"url\":\"https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.bentley.com/advisories/be-2023-0001/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5496\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5497\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5498\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/21/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/22/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/22/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/22/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/22/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/22/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/22/7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/22/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/26/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/26/7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/28/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/28/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/28/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://blog.isosceles.com/the-webp-0day/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1215231\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://crbug.com/1479274\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://en.bandisoft.com/honeyview/history/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/webmproject/libwebp/releases/tag/v1.3.2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/09/msg00015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/09/msg00016.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/09/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYYKLG6CRGEDTNRBSU26EEWAO6D6U645/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYZV7TMKF4QHZ54SFJX54BDN52VHGGCX/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4863\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://news.ycombinator.com/item?id=37478403\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security-tracker.debian.org/tracker/CVE-2023-4863\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202309-05\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202401-10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20230929-0011/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://sethmlarson.dev/security-developer-in-residence-weekly-report-16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.bentley.com/advisories/be-2023-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5496\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5497\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5498\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/zero-day-webp-vulnerability-cve-2023-4863\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4863\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://crbug.com/1479274\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://en.bandisoft.com/honeyview/history/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4863\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2023-4863\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1215231\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37478403\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5496\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5497\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYYKLG6CRGEDTNRBSU26EEWAO6D6U645/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYZV7TMKF4QHZ54SFJX54BDN52VHGGCX/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/09/msg00015.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5498\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202309-05\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/09/msg00016.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/webmproject/libwebp/releases/tag/v1.3.2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/09/msg00017.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/21/4\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.isosceles.com/the-webp-0day/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/22/1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/22/3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/22/4\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/22/5\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/22/8\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/22/7\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/22/6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/26/1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/26/7\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/28/1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/28/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/28/4\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20230929-0011/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://sethmlarson.dev/security-developer-in-residence-weekly-report-16\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.bentley.com/advisories/be-2023-0001/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202401-10\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.vicarius.io/vsociety/posts/zero-day-webp-vulnerability-cve-2023-4863\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-19T07:48:10.265Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-4863\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2023-11-28T05:00:18.341149Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2023-09-13\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4863\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2023-09-13T00:00:00.000Z\", \"value\": \"CVE-2023-4863 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4863\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787 Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-03T14:04:35.481Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Google\", \"product\": \"Chrome\", \"versions\": [{\"status\": \"affected\", \"version\": \"116.0.5845.187\", \"lessThan\": \"116.0.5845.187\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Google\", \"product\": \"libwebp\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.3.2\", \"lessThan\": \"1.3.2\", \"versionType\": \"custom\"}]}], \"references\": [{\"url\": \"https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html\"}, {\"url\": \"https://crbug.com/1479274\"}, {\"url\": \"https://en.bandisoft.com/honeyview/history/\"}, {\"url\": \"https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/\"}, {\"url\": \"https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/\"}, {\"url\": \"https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a\"}, {\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4863\"}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2023-4863\"}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1215231\"}, {\"url\": \"https://news.ycombinator.com/item?id=37478403\"}, {\"url\": \"https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks/\"}, {\"url\": \"https://www.debian.org/security/2023/dsa-5496\"}, {\"url\": \"https://www.debian.org/security/2023/dsa-5497\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYYKLG6CRGEDTNRBSU26EEWAO6D6U645/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYZV7TMKF4QHZ54SFJX54BDN52VHGGCX/\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/09/msg00015.html\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB/\"}, {\"url\": \"https://www.debian.org/security/2023/dsa-5498\"}, {\"url\": \"https://security.gentoo.org/glsa/202309-05\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/09/msg00016.html\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/\"}, {\"url\": \"https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway/\"}, {\"url\": \"https://github.com/webmproject/libwebp/releases/tag/v1.3.2\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/09/msg00017.html\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/21/4\"}, {\"url\": \"https://blog.isosceles.com/the-webp-0day/\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/22/1\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/22/3\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/22/4\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/22/5\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/22/8\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/22/7\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/22/6\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/26/1\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/26/7\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/28/1\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/28/2\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/28/4\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20230929-0011/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/\"}, {\"url\": \"https://sethmlarson.dev/security-developer-in-residence-weekly-report-16\"}, {\"url\": \"https://www.bentley.com/advisories/be-2023-0001/\"}, {\"url\": \"https://security.gentoo.org/glsa/202401-10\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"Heap buffer overflow\"}]}], \"providerMetadata\": {\"orgId\": \"ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28\", \"shortName\": \"Chrome\", \"dateUpdated\": \"2024-01-07T11:07:27.027Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-4863\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:05:38.429Z\", \"dateReserved\": \"2023-09-09T01:02:58.312Z\", \"assignerOrgId\": \"ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28\", \"datePublished\": \"2023-09-12T14:24:59.275Z\", \"assignerShortName\": \"Chrome\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
SUSE-SU-2023:3664-1
Vulnerability from csaf_suse - Published: 2023-09-18 19:50 - Updated: 2023-09-18 19:50Summary
Security update for MozillaThunderbird
Severity
Critical
Notes
Title of the patch: Security update for MozillaThunderbird
Description of the patch: This update for MozillaThunderbird fixes the following issues:
Security fixes:
- Mozilla Thunderbird 115.2.2 (MFSA 2023-40, bsc#1215245)
- CVE-2023-4863: Fixed heap buffer overflow in libwebp (bmo#1852649).
- Mozilla Thunderbird 115.2 (MFSA 2023-38, bsc#1214606)
- CVE-2023-4573: Memory corruption in IPC CanvasTranslator (bmo#1846687)
- CVE-2023-4574: Memory corruption in IPC ColorPickerShownCallback (bmo#1846688)
- CVE-2023-4575: Memory corruption in IPC FilePickerShownCallback (bmo#1846689)
- CVE-2023-4576: Integer Overflow in RecordedSourceSurfaceCreation (bmo#1846694)
- CVE-2023-4577: Memory corruption in JIT UpdateRegExpStatics (bmo#1847397)
- CVE-2023-4051: Full screen notification obscured by file open dialog (bmo#1821884)
- CVE-2023-4578: Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception (bmo#1839007)
- CVE-2023-4053: Full screen notification obscured by external program (bmo#1839079)
- CVE-2023-4580: Push notifications saved to disk unencrypted (bmo#1843046)
- CVE-2023-4581: XLL file extensions were downloadable without warnings (bmo#1843758)
- CVE-2023-4582: Buffer Overflow in WebGL glGetProgramiv (bmo#1773874)
- CVE-2023-4583: Browsing Context potentially not cleared when closing Private Window (bmo#1842030)
- CVE-2023-4584: Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2 (bmo#1843968, bmo#1845205, bmo#1846080, bmo#1846526, bmo#1847529)
- CVE-2023-4585: Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2 (bmo#1751583, bmo#1833504, bmo#1841082, bmo#1847904, bmo#1848999)
Other fixes:
Mozilla Thunderbird 115.2.1
* new: Column separators are now shown between all columns in
tree view (bmo#1847441)
* fixed: Crash reporter did not work in Thunderbird Flatpak
(bmo#1843102)
* fixed: New mail notification always opened message in message
pane, even if pane was disabled (bmo#1840092)
* fixed: After moving an IMAP message to another folder, the
incorrect message was selected in the message list
(bmo#1845376)
* fixed: Adding a tag to an IMAP message opened in a tab failed
(bmo#1844452)
* fixed: Junk/Spam folders were not always shown in Unified
Folders mode (bmo#1838672)
* fixed: Middle-clicking a folder or message did not open it in
a background tab, as in previous versions (bmo#1842482)
* fixed: Settings tab visual improvements: Advanced Fonts
dialog, Section headers hidden behind search box
(bmo#1717382,bmo#1846751)
* fixed: Various visual and style fixes
(bmo#1843707,bmo#1849823)
Mozilla Thunderbird 115.2
* new: Thunderbird MSIX packages are now published on
archive.mozilla.org (bmo#1817657)
* changed: Size, Unread, and Total columns are now right-
aligned (bmo#1848604)
* changed: Newsgroup names in message list header are now
abbreviated (bmo#1833298)
* fixed: Message compose window did not apply theme colors to
menus (bmo#1845699)
* fixed: Reading the second new message in a folder cleared the
unread indicator of all other new messages (bmo#1839805)
* fixed: Displayed counts of unread or flagged messages could
become out-of-sync (bmo#1846860)
* fixed: Deleting a message from the context menu with messages
sorted in chronological order and smooth scroll enabled
caused message list to scroll to top (bmo#1843462)
* fixed: Repeatedly switching accounts in Subscribe dialog
caused tree view to stop updating (bmo#1845593)
* fixed: 'Ignore thread' caused message cards to display
incorrectly in message list (bmo#1847966)
* fixed: Creating tags from unified toolbar failed
(bmo#1846336)
* fixed: Cross-folder navigation using F and N did not work
(bmo#1845011)
* fixed: Account Manager did not resize to fit content, causing
'Close' button to become hidden outside bounds of dialog when
too many accounts were listed (bmo#1847555)
* fixed: Remote content exceptions could not be added in
Settings (bmo#1847576)
* fixed: Newsgroup list file did not get updated after adding a
new NNTP server (bmo#1845464)
* fixed: 'Download all headers' option in NNTP 'Download
Headers' dialog was incorrectly selected by default
(bmo#1845457)
* fixed: 'Convert to event/task' was missing from mail context
menu (bmo#1817705)
* fixed: Events and tasks were not shown in some cases despite
being present on remote server (bmo#1827100)
* fixed: Various visual and UX improvements
(bmo#1844244,bmo#1845645)
- Mozilla Thunderbird 115.1.1
* fixed: Some HTML emails printed headers on first page and
message on subsequent pages (bmo#1843628)
* fixed: Deleting messages from message list sometimes scrolled
list to bottom, selecting bottommost message (bmo#1835173)
* fixed: Width of icon columns (like Junk or Starred) in
message list did not adjust when UI density was changed
(bmo#1843014)
* fixed: Old OpenPGP secret keys could not be used to decrypt
messages under certain circumstances (bmo#1835786)
* fixed: When multiple folder modes were active, tab focus
navigated through all folder mode options before reaching
message list (bmo#1842060)
* fixed: Unread message count badge was not displayed on parent
folders of subfolder containing unread messages (bmo#1844534)
* fixed: 'Undo archive' (via Ctrl-Z) did not un-archive
previously archived messages (bmo#1829340)
* fixed: 'New' button dropdown menu in 'Message Filters' dialog
could not be opened via keyboard navigation (bmo#1843511)
* fixed: 'Show New Mail Alert for' input field in 'Customize
New Mail Alert' dialog had zero width when using certain
language packs (bmo#1845832)
* fixed: 'Account Wizard' dialog was too narrow when adding a
news server, partially hiding confirmation buttons
(bmo#1846588)
* fixed: Link Properties and Image Properties dialogs in the
composer were too wide (bmo#1816850)
* fixed: Thunderbird version number and details in 'About'
dialog were not automatically read by screen readers when
first opening dialog (bmo#1847078)
* fixed: Flatpak improvements and bug fixes
(bmo#1825399,bmo#1843094,bmo#1843097)
* fixed: Various visual and UX improvements (bmo#1846262)
Patchnames: SUSE-2023-3664,SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-3664,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-3664,SUSE-SLE-Product-WE-15-SP4-2023-3664,SUSE-SLE-Product-WE-15-SP5-2023-3664,openSUSE-SLE-15.4-2023-3664,openSUSE-SLE-15.5-2023-3664
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.6 (High)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
54 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for MozillaThunderbird",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for MozillaThunderbird fixes the following issues:\n\nSecurity fixes:\n\n- Mozilla Thunderbird 115.2.2 (MFSA 2023-40, bsc#1215245)\n - CVE-2023-4863: Fixed heap buffer overflow in libwebp (bmo#1852649).\n \n- Mozilla Thunderbird 115.2 (MFSA 2023-38, bsc#1214606)\n - CVE-2023-4573: Memory corruption in IPC CanvasTranslator (bmo#1846687) \n - CVE-2023-4574: Memory corruption in IPC ColorPickerShownCallback (bmo#1846688) \n - CVE-2023-4575: Memory corruption in IPC FilePickerShownCallback (bmo#1846689) \n - CVE-2023-4576: Integer Overflow in RecordedSourceSurfaceCreation (bmo#1846694) \n - CVE-2023-4577: Memory corruption in JIT UpdateRegExpStatics (bmo#1847397) \n - CVE-2023-4051: Full screen notification obscured by file open dialog (bmo#1821884) \n - CVE-2023-4578: Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception (bmo#1839007) \n - CVE-2023-4053: Full screen notification obscured by external program (bmo#1839079) \n - CVE-2023-4580: Push notifications saved to disk unencrypted (bmo#1843046) \n - CVE-2023-4581: XLL file extensions were downloadable without warnings (bmo#1843758) \n - CVE-2023-4582: Buffer Overflow in WebGL glGetProgramiv (bmo#1773874) \n - CVE-2023-4583: Browsing Context potentially not cleared when closing Private Window (bmo#1842030) \n - CVE-2023-4584: Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2 (bmo#1843968, bmo#1845205, bmo#1846080, bmo#1846526, bmo#1847529) \n - CVE-2023-4585: Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2 (bmo#1751583, bmo#1833504, bmo#1841082, bmo#1847904, bmo#1848999) \n\nOther fixes:\n\nMozilla Thunderbird 115.2.1\n * new: Column separators are now shown between all columns in\n tree view (bmo#1847441)\n * fixed: Crash reporter did not work in Thunderbird Flatpak\n (bmo#1843102)\n * fixed: New mail notification always opened message in message\n pane, even if pane was disabled (bmo#1840092)\n * fixed: After moving an IMAP message to another folder, the\n incorrect message was selected in the message list\n (bmo#1845376)\n * fixed: Adding a tag to an IMAP message opened in a tab failed\n (bmo#1844452)\n * fixed: Junk/Spam folders were not always shown in Unified\n Folders mode (bmo#1838672)\n * fixed: Middle-clicking a folder or message did not open it in\n a background tab, as in previous versions (bmo#1842482)\n * fixed: Settings tab visual improvements: Advanced Fonts\n dialog, Section headers hidden behind search box\n (bmo#1717382,bmo#1846751)\n * fixed: Various visual and style fixes\n (bmo#1843707,bmo#1849823)\n \nMozilla Thunderbird 115.2\n * new: Thunderbird MSIX packages are now published on\n archive.mozilla.org (bmo#1817657)\n * changed: Size, Unread, and Total columns are now right-\n aligned (bmo#1848604)\n * changed: Newsgroup names in message list header are now\n abbreviated (bmo#1833298)\n * fixed: Message compose window did not apply theme colors to\n menus (bmo#1845699)\n * fixed: Reading the second new message in a folder cleared the\n unread indicator of all other new messages (bmo#1839805)\n * fixed: Displayed counts of unread or flagged messages could\n become out-of-sync (bmo#1846860)\n * fixed: Deleting a message from the context menu with messages\n sorted in chronological order and smooth scroll enabled\n caused message list to scroll to top (bmo#1843462)\n * fixed: Repeatedly switching accounts in Subscribe dialog\n caused tree view to stop updating (bmo#1845593)\n * fixed: \u0027Ignore thread\u0027 caused message cards to display\n incorrectly in message list (bmo#1847966)\n * fixed: Creating tags from unified toolbar failed\n (bmo#1846336)\n * fixed: Cross-folder navigation using F and N did not work\n (bmo#1845011)\n * fixed: Account Manager did not resize to fit content, causing\n \u0027Close\u0027 button to become hidden outside bounds of dialog when\n too many accounts were listed (bmo#1847555)\n * fixed: Remote content exceptions could not be added in\n Settings (bmo#1847576)\n * fixed: Newsgroup list file did not get updated after adding a\n new NNTP server (bmo#1845464)\n * fixed: \u0027Download all headers\u0027 option in NNTP \u0027Download\n Headers\u0027 dialog was incorrectly selected by default\n (bmo#1845457)\n * fixed: \u0027Convert to event/task\u0027 was missing from mail context\n menu (bmo#1817705)\n * fixed: Events and tasks were not shown in some cases despite\n being present on remote server (bmo#1827100)\n * fixed: Various visual and UX improvements\n (bmo#1844244,bmo#1845645)\n\n- Mozilla Thunderbird 115.1.1\n * fixed: Some HTML emails printed headers on first page and\n message on subsequent pages (bmo#1843628)\n * fixed: Deleting messages from message list sometimes scrolled\n list to bottom, selecting bottommost message (bmo#1835173)\n * fixed: Width of icon columns (like Junk or Starred) in\n message list did not adjust when UI density was changed\n (bmo#1843014)\n * fixed: Old OpenPGP secret keys could not be used to decrypt\n messages under certain circumstances (bmo#1835786)\n * fixed: When multiple folder modes were active, tab focus\n navigated through all folder mode options before reaching\n message list (bmo#1842060)\n * fixed: Unread message count badge was not displayed on parent\n folders of subfolder containing unread messages (bmo#1844534)\n * fixed: \u0027Undo archive\u0027 (via Ctrl-Z) did not un-archive\n previously archived messages (bmo#1829340)\n * fixed: \u0027New\u0027 button dropdown menu in \u0027Message Filters\u0027 dialog\n could not be opened via keyboard navigation (bmo#1843511)\n * fixed: \u0027Show New Mail Alert for\u0027 input field in \u0027Customize\n New Mail Alert\u0027 dialog had zero width when using certain\n language packs (bmo#1845832)\n * fixed: \u0027Account Wizard\u0027 dialog was too narrow when adding a\n news server, partially hiding confirmation buttons\n (bmo#1846588)\n * fixed: Link Properties and Image Properties dialogs in the\n composer were too wide (bmo#1816850)\n * fixed: Thunderbird version number and details in \u0027About\u0027\n dialog were not automatically read by screen readers when\n first opening dialog (bmo#1847078)\n * fixed: Flatpak improvements and bug fixes\n (bmo#1825399,bmo#1843094,bmo#1843097)\n * fixed: Various visual and UX improvements (bmo#1846262)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-3664,SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-3664,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-3664,SUSE-SLE-Product-WE-15-SP4-2023-3664,SUSE-SLE-Product-WE-15-SP5-2023-3664,openSUSE-SLE-15.4-2023-3664,openSUSE-SLE-15.5-2023-3664",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_3664-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:3664-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20233664-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:3664-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-September/016188.html"
},
{
"category": "self",
"summary": "SUSE Bug 1214606",
"url": "https://bugzilla.suse.com/1214606"
},
{
"category": "self",
"summary": "SUSE Bug 1215231",
"url": "https://bugzilla.suse.com/1215231"
},
{
"category": "self",
"summary": "SUSE Bug 1215245",
"url": "https://bugzilla.suse.com/1215245"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4051 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4053 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4573 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4573/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4574 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4574/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4575 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4575/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4576 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4577 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4577/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4578 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4578/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4580 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4580/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4581 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4582 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4582/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4583 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4584 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4584/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4585 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4863 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4863/"
}
],
"title": "Security update for MozillaThunderbird",
"tracking": {
"current_release_date": "2023-09-18T19:50:30Z",
"generator": {
"date": "2023-09-18T19:50:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:3664-1",
"initial_release_date": "2023-09-18T19:50:30Z",
"revision_history": [
{
"date": "2023-09-18T19:50:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"product": {
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"product_id": "MozillaThunderbird-115.2.2-150200.8.130.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"product": {
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"product_id": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"product": {
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"product_id": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.i686",
"product": {
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.i686",
"product_id": "MozillaThunderbird-115.2.2-150200.8.130.1.i686"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.i686",
"product": {
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.i686",
"product_id": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.i686"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.i686",
"product": {
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.i686",
"product_id": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.i686"
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"product": {
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"product_id": "MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"product": {
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"product_id": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"product": {
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"product_id": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"product": {
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"product_id": "MozillaThunderbird-115.2.2-150200.8.130.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"product": {
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"product_id": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"product": {
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"product_id": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"product": {
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"product_id": "MozillaThunderbird-115.2.2-150200.8.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"product": {
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"product_id": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"product": {
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"product_id": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 15 SP4",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 15 SP5",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64"
},
"product_reference": "MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le"
},
"product_reference": "MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x"
},
"product_reference": "MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64"
},
"product_reference": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le"
},
"product_reference": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x"
},
"product_reference": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64"
},
"product_reference": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le"
},
"product_reference": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x"
},
"product_reference": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64"
},
"product_reference": "MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le"
},
"product_reference": "MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x"
},
"product_reference": "MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64"
},
"product_reference": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le"
},
"product_reference": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x"
},
"product_reference": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64"
},
"product_reference": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le"
},
"product_reference": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x"
},
"product_reference": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP4",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64"
},
"product_reference": "MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP4",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP4",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP5",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64"
},
"product_reference": "MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP5",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP5",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64"
},
"product_reference": "MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le"
},
"product_reference": "MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x"
},
"product_reference": "MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64"
},
"product_reference": "MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64"
},
"product_reference": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le"
},
"product_reference": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x"
},
"product_reference": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64"
},
"product_reference": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le"
},
"product_reference": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x"
},
"product_reference": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64"
},
"product_reference": "MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le"
},
"product_reference": "MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x"
},
"product_reference": "MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.2.2-150200.8.130.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64"
},
"product_reference": "MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64"
},
"product_reference": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le"
},
"product_reference": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x"
},
"product_reference": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64"
},
"product_reference": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le"
},
"product_reference": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x"
},
"product_reference": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-4051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4051"
}
],
"notes": [
{
"category": "general",
"text": "A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 115.2, and Thunderbird \u003c 115.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4051",
"url": "https://www.suse.com/security/cve/CVE-2023-4051"
},
{
"category": "external",
"summary": "SUSE Bug 1213746 for CVE-2023-4051",
"url": "https://bugzilla.suse.com/1213746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-18T19:50:30Z",
"details": "moderate"
}
],
"title": "CVE-2023-4051"
},
{
"cve": "CVE-2023-4053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4053"
}
],
"notes": [
{
"category": "general",
"text": "A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 115.2, and Thunderbird \u003c 115.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4053",
"url": "https://www.suse.com/security/cve/CVE-2023-4053"
},
{
"category": "external",
"summary": "SUSE Bug 1213746 for CVE-2023-4053",
"url": "https://bugzilla.suse.com/1213746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-18T19:50:30Z",
"details": "moderate"
}
],
"title": "CVE-2023-4053"
},
{
"cve": "CVE-2023-4573",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4573"
}
],
"notes": [
{
"category": "general",
"text": "When receiving rendering data over IPC `mStream` could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4573",
"url": "https://www.suse.com/security/cve/CVE-2023-4573"
},
{
"category": "external",
"summary": "SUSE Bug 1214606 for CVE-2023-4573",
"url": "https://bugzilla.suse.com/1214606"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-18T19:50:30Z",
"details": "important"
}
],
"title": "CVE-2023-4573"
},
{
"cve": "CVE-2023-4574",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4574"
}
],
"notes": [
{
"category": "general",
"text": "When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4574",
"url": "https://www.suse.com/security/cve/CVE-2023-4574"
},
{
"category": "external",
"summary": "SUSE Bug 1214606 for CVE-2023-4574",
"url": "https://bugzilla.suse.com/1214606"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-18T19:50:30Z",
"details": "important"
}
],
"title": "CVE-2023-4574"
},
{
"cve": "CVE-2023-4575",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4575"
}
],
"notes": [
{
"category": "general",
"text": "When creating a callback over IPC for showing the File Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4575",
"url": "https://www.suse.com/security/cve/CVE-2023-4575"
},
{
"category": "external",
"summary": "SUSE Bug 1214606 for CVE-2023-4575",
"url": "https://bugzilla.suse.com/1214606"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-18T19:50:30Z",
"details": "important"
}
],
"title": "CVE-2023-4575"
},
{
"cve": "CVE-2023-4576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4576"
}
],
"notes": [
{
"category": "general",
"text": "On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape.\n*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4576",
"url": "https://www.suse.com/security/cve/CVE-2023-4576"
},
{
"category": "external",
"summary": "SUSE Bug 1214606 for CVE-2023-4576",
"url": "https://bugzilla.suse.com/1214606"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-18T19:50:30Z",
"details": "important"
}
],
"title": "CVE-2023-4576"
},
{
"cve": "CVE-2023-4577",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4577"
}
],
"notes": [
{
"category": "general",
"text": "When `UpdateRegExpStatics` attempted to access `initialStringHeap` it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 115.2, and Thunderbird \u003c 115.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4577",
"url": "https://www.suse.com/security/cve/CVE-2023-4577"
},
{
"category": "external",
"summary": "SUSE Bug 1214606 for CVE-2023-4577",
"url": "https://bugzilla.suse.com/1214606"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-18T19:50:30Z",
"details": "important"
}
],
"title": "CVE-2023-4577"
},
{
"cve": "CVE-2023-4578",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4578"
}
],
"notes": [
{
"category": "general",
"text": "When calling `JS::CheckRegExpSyntax` a Syntax Error could have been set which would end in calling `convertToRuntimeErrorAndClear`. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Syntax Error. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 115.2, and Thunderbird \u003c 115.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4578",
"url": "https://www.suse.com/security/cve/CVE-2023-4578"
},
{
"category": "external",
"summary": "SUSE Bug 1214606 for CVE-2023-4578",
"url": "https://bugzilla.suse.com/1214606"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-18T19:50:30Z",
"details": "important"
}
],
"title": "CVE-2023-4578"
},
{
"cve": "CVE-2023-4580",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4580"
}
],
"notes": [
{
"category": "general",
"text": "Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 115.2, and Thunderbird \u003c 115.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4580",
"url": "https://www.suse.com/security/cve/CVE-2023-4580"
},
{
"category": "external",
"summary": "SUSE Bug 1214606 for CVE-2023-4580",
"url": "https://bugzilla.suse.com/1214606"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-18T19:50:30Z",
"details": "important"
}
],
"title": "CVE-2023-4580"
},
{
"cve": "CVE-2023-4581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4581"
}
],
"notes": [
{
"category": "general",
"text": "Excel `.xll` add-in files did not have a blocklist entry in Firefox\u0027s executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4581",
"url": "https://www.suse.com/security/cve/CVE-2023-4581"
},
{
"category": "external",
"summary": "SUSE Bug 1214606 for CVE-2023-4581",
"url": "https://bugzilla.suse.com/1214606"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-18T19:50:30Z",
"details": "important"
}
],
"title": "CVE-2023-4581"
},
{
"cve": "CVE-2023-4582",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4582"
}
],
"notes": [
{
"category": "general",
"text": "Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occurred when allocating too much private shader memory on mac OS. \n*This bug only affects Firefox on macOS. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 115.2, and Thunderbird \u003c 115.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4582",
"url": "https://www.suse.com/security/cve/CVE-2023-4582"
},
{
"category": "external",
"summary": "SUSE Bug 1214606 for CVE-2023-4582",
"url": "https://bugzilla.suse.com/1214606"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-18T19:50:30Z",
"details": "important"
}
],
"title": "CVE-2023-4582"
},
{
"cve": "CVE-2023-4583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4583"
}
],
"notes": [
{
"category": "general",
"text": "When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private session had ended. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 115.2, and Thunderbird \u003c 115.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4583",
"url": "https://www.suse.com/security/cve/CVE-2023-4583"
},
{
"category": "external",
"summary": "SUSE Bug 1214606 for CVE-2023-4583",
"url": "https://bugzilla.suse.com/1214606"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-18T19:50:30Z",
"details": "important"
}
],
"title": "CVE-2023-4583"
},
{
"cve": "CVE-2023-4584",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4584"
}
],
"notes": [
{
"category": "general",
"text": "Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ESR 115.1, Thunderbird 102.14, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4584",
"url": "https://www.suse.com/security/cve/CVE-2023-4584"
},
{
"category": "external",
"summary": "SUSE Bug 1214606 for CVE-2023-4584",
"url": "https://bugzilla.suse.com/1214606"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-18T19:50:30Z",
"details": "important"
}
],
"title": "CVE-2023-4584"
},
{
"cve": "CVE-2023-4585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4585"
}
],
"notes": [
{
"category": "general",
"text": "Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 115.2, and Thunderbird \u003c 115.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4585",
"url": "https://www.suse.com/security/cve/CVE-2023-4585"
},
{
"category": "external",
"summary": "SUSE Bug 1214606 for CVE-2023-4585",
"url": "https://bugzilla.suse.com/1214606"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-18T19:50:30Z",
"details": "important"
}
],
"title": "CVE-2023-4585"
},
{
"cve": "CVE-2023-4863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4863"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4863",
"url": "https://www.suse.com/security/cve/CVE-2023-4863"
},
{
"category": "external",
"summary": "SUSE Bug 1215231 for CVE-2023-4863",
"url": "https://bugzilla.suse.com/1215231"
},
{
"category": "external",
"summary": "SUSE Bug 1217115 for CVE-2023-4863",
"url": "https://bugzilla.suse.com/1217115"
},
{
"category": "external",
"summary": "SUSE Bug 1217117 for CVE-2023-4863",
"url": "https://bugzilla.suse.com/1217117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-common-115.2.2-150200.8.130.1.x86_64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.aarch64",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.ppc64le",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.s390x",
"openSUSE Leap 15.5:MozillaThunderbird-translations-other-115.2.2-150200.8.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-18T19:50:30Z",
"details": "important"
}
],
"title": "CVE-2023-4863"
}
]
}
SUSE-SU-2023:3794-1
Vulnerability from csaf_suse - Published: 2023-09-26 16:06 - Updated: 2023-09-26 16:06Summary
Security update for libwebp
Severity
Critical
Notes
Title of the patch: Security update for libwebp
Description of the patch: This update for libwebp fixes the following issues:
- CVE-2023-4863: Fixed a heap buffer overflow (bsc#1215231).
Patchnames: HPE-Helion-OpenStack-8-2023-3794,SUSE-2023-3794,SUSE-OpenStack-Cloud-8-2023-3794,SUSE-OpenStack-Cloud-9-2023-3794,SUSE-OpenStack-Cloud-Crowbar-8-2023-3794,SUSE-OpenStack-Cloud-Crowbar-9-2023-3794,SUSE-SLE-SDK-12-SP5-2023-3794,SUSE-SLE-SERVER-12-SP5-2023-3794
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
37 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:libwebpmux1-0.4.3-4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libwebp5-0.4.3-4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libwebp5-0.4.3-4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libwebp5-0.4.3-4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libwebp5-0.4.3-4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libwebp5-32bit-0.4.3-4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libwebp5-32bit-0.4.3-4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libwebpdemux1-0.4.3-4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libwebpdemux1-0.4.3-4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libwebpdemux1-0.4.3-4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libwebpdemux1-0.4.3-4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-0.4.3-4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-0.4.3-4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-0.4.3-4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-0.4.3-4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-32bit-0.4.3-4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-32bit-0.4.3-4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebpdemux1-0.4.3-4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebpdemux1-0.4.3-4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebpdemux1-0.4.3-4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebpdemux1-0.4.3-4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:libwebp-devel-0.4.3-4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:libwebp-devel-0.4.3-4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:libwebp-devel-0.4.3-4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:libwebp-devel-0.4.3-4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpdecoder1-0.4.3-4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpdecoder1-0.4.3-4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpdecoder1-0.4.3-4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpdecoder1-0.4.3-4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpmux1-0.4.3-4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpmux1-0.4.3-4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpmux1-0.4.3-4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpmux1-0.4.3-4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libwebpmux1-0.4.3-4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:libwebpmux1-0.4.3-4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libwebpmux1-0.4.3-4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:libwebpmux1-0.4.3-4.15.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
10 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libwebp",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libwebp fixes the following issues:\n\n - CVE-2023-4863: Fixed a heap buffer overflow (bsc#1215231).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "HPE-Helion-OpenStack-8-2023-3794,SUSE-2023-3794,SUSE-OpenStack-Cloud-8-2023-3794,SUSE-OpenStack-Cloud-9-2023-3794,SUSE-OpenStack-Cloud-Crowbar-8-2023-3794,SUSE-OpenStack-Cloud-Crowbar-9-2023-3794,SUSE-SLE-SDK-12-SP5-2023-3794,SUSE-SLE-SERVER-12-SP5-2023-3794",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_3794-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:3794-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20233794-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:3794-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-September/016334.html"
},
{
"category": "self",
"summary": "SUSE Bug 1215231",
"url": "https://bugzilla.suse.com/1215231"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4863 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4863/"
}
],
"title": "Security update for libwebp",
"tracking": {
"current_release_date": "2023-09-26T16:06:17Z",
"generator": {
"date": "2023-09-26T16:06:17Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:3794-1",
"initial_release_date": "2023-09-26T16:06:17Z",
"revision_history": [
{
"date": "2023-09-26T16:06:17Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libwebp-devel-0.4.3-4.15.1.aarch64",
"product": {
"name": "libwebp-devel-0.4.3-4.15.1.aarch64",
"product_id": "libwebp-devel-0.4.3-4.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "libwebp-tools-0.4.3-4.15.1.aarch64",
"product": {
"name": "libwebp-tools-0.4.3-4.15.1.aarch64",
"product_id": "libwebp-tools-0.4.3-4.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "libwebp5-0.4.3-4.15.1.aarch64",
"product": {
"name": "libwebp5-0.4.3-4.15.1.aarch64",
"product_id": "libwebp5-0.4.3-4.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "libwebpdecoder1-0.4.3-4.15.1.aarch64",
"product": {
"name": "libwebpdecoder1-0.4.3-4.15.1.aarch64",
"product_id": "libwebpdecoder1-0.4.3-4.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "libwebpdemux1-0.4.3-4.15.1.aarch64",
"product": {
"name": "libwebpdemux1-0.4.3-4.15.1.aarch64",
"product_id": "libwebpdemux1-0.4.3-4.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "libwebpmux1-0.4.3-4.15.1.aarch64",
"product": {
"name": "libwebpmux1-0.4.3-4.15.1.aarch64",
"product_id": "libwebpmux1-0.4.3-4.15.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libwebp5-64bit-0.4.3-4.15.1.aarch64_ilp32",
"product": {
"name": "libwebp5-64bit-0.4.3-4.15.1.aarch64_ilp32",
"product_id": "libwebp5-64bit-0.4.3-4.15.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libwebpdecoder1-64bit-0.4.3-4.15.1.aarch64_ilp32",
"product": {
"name": "libwebpdecoder1-64bit-0.4.3-4.15.1.aarch64_ilp32",
"product_id": "libwebpdecoder1-64bit-0.4.3-4.15.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libwebpdemux1-64bit-0.4.3-4.15.1.aarch64_ilp32",
"product": {
"name": "libwebpdemux1-64bit-0.4.3-4.15.1.aarch64_ilp32",
"product_id": "libwebpdemux1-64bit-0.4.3-4.15.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libwebpmux1-64bit-0.4.3-4.15.1.aarch64_ilp32",
"product": {
"name": "libwebpmux1-64bit-0.4.3-4.15.1.aarch64_ilp32",
"product_id": "libwebpmux1-64bit-0.4.3-4.15.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libwebp-devel-0.4.3-4.15.1.i586",
"product": {
"name": "libwebp-devel-0.4.3-4.15.1.i586",
"product_id": "libwebp-devel-0.4.3-4.15.1.i586"
}
},
{
"category": "product_version",
"name": "libwebp-tools-0.4.3-4.15.1.i586",
"product": {
"name": "libwebp-tools-0.4.3-4.15.1.i586",
"product_id": "libwebp-tools-0.4.3-4.15.1.i586"
}
},
{
"category": "product_version",
"name": "libwebp5-0.4.3-4.15.1.i586",
"product": {
"name": "libwebp5-0.4.3-4.15.1.i586",
"product_id": "libwebp5-0.4.3-4.15.1.i586"
}
},
{
"category": "product_version",
"name": "libwebpdecoder1-0.4.3-4.15.1.i586",
"product": {
"name": "libwebpdecoder1-0.4.3-4.15.1.i586",
"product_id": "libwebpdecoder1-0.4.3-4.15.1.i586"
}
},
{
"category": "product_version",
"name": "libwebpdemux1-0.4.3-4.15.1.i586",
"product": {
"name": "libwebpdemux1-0.4.3-4.15.1.i586",
"product_id": "libwebpdemux1-0.4.3-4.15.1.i586"
}
},
{
"category": "product_version",
"name": "libwebpmux1-0.4.3-4.15.1.i586",
"product": {
"name": "libwebpmux1-0.4.3-4.15.1.i586",
"product_id": "libwebpmux1-0.4.3-4.15.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libwebp-devel-0.4.3-4.15.1.ppc64le",
"product": {
"name": "libwebp-devel-0.4.3-4.15.1.ppc64le",
"product_id": "libwebp-devel-0.4.3-4.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libwebp-tools-0.4.3-4.15.1.ppc64le",
"product": {
"name": "libwebp-tools-0.4.3-4.15.1.ppc64le",
"product_id": "libwebp-tools-0.4.3-4.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libwebp5-0.4.3-4.15.1.ppc64le",
"product": {
"name": "libwebp5-0.4.3-4.15.1.ppc64le",
"product_id": "libwebp5-0.4.3-4.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libwebpdecoder1-0.4.3-4.15.1.ppc64le",
"product": {
"name": "libwebpdecoder1-0.4.3-4.15.1.ppc64le",
"product_id": "libwebpdecoder1-0.4.3-4.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libwebpdemux1-0.4.3-4.15.1.ppc64le",
"product": {
"name": "libwebpdemux1-0.4.3-4.15.1.ppc64le",
"product_id": "libwebpdemux1-0.4.3-4.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libwebpmux1-0.4.3-4.15.1.ppc64le",
"product": {
"name": "libwebpmux1-0.4.3-4.15.1.ppc64le",
"product_id": "libwebpmux1-0.4.3-4.15.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libwebp-devel-0.4.3-4.15.1.s390",
"product": {
"name": "libwebp-devel-0.4.3-4.15.1.s390",
"product_id": "libwebp-devel-0.4.3-4.15.1.s390"
}
},
{
"category": "product_version",
"name": "libwebp-tools-0.4.3-4.15.1.s390",
"product": {
"name": "libwebp-tools-0.4.3-4.15.1.s390",
"product_id": "libwebp-tools-0.4.3-4.15.1.s390"
}
},
{
"category": "product_version",
"name": "libwebp5-0.4.3-4.15.1.s390",
"product": {
"name": "libwebp5-0.4.3-4.15.1.s390",
"product_id": "libwebp5-0.4.3-4.15.1.s390"
}
},
{
"category": "product_version",
"name": "libwebpdecoder1-0.4.3-4.15.1.s390",
"product": {
"name": "libwebpdecoder1-0.4.3-4.15.1.s390",
"product_id": "libwebpdecoder1-0.4.3-4.15.1.s390"
}
},
{
"category": "product_version",
"name": "libwebpdemux1-0.4.3-4.15.1.s390",
"product": {
"name": "libwebpdemux1-0.4.3-4.15.1.s390",
"product_id": "libwebpdemux1-0.4.3-4.15.1.s390"
}
},
{
"category": "product_version",
"name": "libwebpmux1-0.4.3-4.15.1.s390",
"product": {
"name": "libwebpmux1-0.4.3-4.15.1.s390",
"product_id": "libwebpmux1-0.4.3-4.15.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "libwebp-devel-0.4.3-4.15.1.s390x",
"product": {
"name": "libwebp-devel-0.4.3-4.15.1.s390x",
"product_id": "libwebp-devel-0.4.3-4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "libwebp-tools-0.4.3-4.15.1.s390x",
"product": {
"name": "libwebp-tools-0.4.3-4.15.1.s390x",
"product_id": "libwebp-tools-0.4.3-4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "libwebp5-0.4.3-4.15.1.s390x",
"product": {
"name": "libwebp5-0.4.3-4.15.1.s390x",
"product_id": "libwebp5-0.4.3-4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "libwebp5-32bit-0.4.3-4.15.1.s390x",
"product": {
"name": "libwebp5-32bit-0.4.3-4.15.1.s390x",
"product_id": "libwebp5-32bit-0.4.3-4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "libwebpdecoder1-0.4.3-4.15.1.s390x",
"product": {
"name": "libwebpdecoder1-0.4.3-4.15.1.s390x",
"product_id": "libwebpdecoder1-0.4.3-4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "libwebpdecoder1-32bit-0.4.3-4.15.1.s390x",
"product": {
"name": "libwebpdecoder1-32bit-0.4.3-4.15.1.s390x",
"product_id": "libwebpdecoder1-32bit-0.4.3-4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "libwebpdemux1-0.4.3-4.15.1.s390x",
"product": {
"name": "libwebpdemux1-0.4.3-4.15.1.s390x",
"product_id": "libwebpdemux1-0.4.3-4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "libwebpdemux1-32bit-0.4.3-4.15.1.s390x",
"product": {
"name": "libwebpdemux1-32bit-0.4.3-4.15.1.s390x",
"product_id": "libwebpdemux1-32bit-0.4.3-4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "libwebpmux1-0.4.3-4.15.1.s390x",
"product": {
"name": "libwebpmux1-0.4.3-4.15.1.s390x",
"product_id": "libwebpmux1-0.4.3-4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "libwebpmux1-32bit-0.4.3-4.15.1.s390x",
"product": {
"name": "libwebpmux1-32bit-0.4.3-4.15.1.s390x",
"product_id": "libwebpmux1-32bit-0.4.3-4.15.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libwebpmux1-0.4.3-4.15.1.x86_64",
"product": {
"name": "libwebpmux1-0.4.3-4.15.1.x86_64",
"product_id": "libwebpmux1-0.4.3-4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwebp-devel-0.4.3-4.15.1.x86_64",
"product": {
"name": "libwebp-devel-0.4.3-4.15.1.x86_64",
"product_id": "libwebp-devel-0.4.3-4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwebp-tools-0.4.3-4.15.1.x86_64",
"product": {
"name": "libwebp-tools-0.4.3-4.15.1.x86_64",
"product_id": "libwebp-tools-0.4.3-4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwebp5-0.4.3-4.15.1.x86_64",
"product": {
"name": "libwebp5-0.4.3-4.15.1.x86_64",
"product_id": "libwebp5-0.4.3-4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwebp5-32bit-0.4.3-4.15.1.x86_64",
"product": {
"name": "libwebp5-32bit-0.4.3-4.15.1.x86_64",
"product_id": "libwebp5-32bit-0.4.3-4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwebpdecoder1-0.4.3-4.15.1.x86_64",
"product": {
"name": "libwebpdecoder1-0.4.3-4.15.1.x86_64",
"product_id": "libwebpdecoder1-0.4.3-4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwebpdecoder1-32bit-0.4.3-4.15.1.x86_64",
"product": {
"name": "libwebpdecoder1-32bit-0.4.3-4.15.1.x86_64",
"product_id": "libwebpdecoder1-32bit-0.4.3-4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwebpdemux1-0.4.3-4.15.1.x86_64",
"product": {
"name": "libwebpdemux1-0.4.3-4.15.1.x86_64",
"product_id": "libwebpdemux1-0.4.3-4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwebpdemux1-32bit-0.4.3-4.15.1.x86_64",
"product": {
"name": "libwebpdemux1-32bit-0.4.3-4.15.1.x86_64",
"product_id": "libwebpdemux1-32bit-0.4.3-4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwebpmux1-32bit-0.4.3-4.15.1.x86_64",
"product": {
"name": "libwebpmux1-32bit-0.4.3-4.15.1.x86_64",
"product_id": "libwebpmux1-32bit-0.4.3-4.15.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE Helion OpenStack 8",
"product": {
"name": "HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:hpe-helion-openstack:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 8",
"product": {
"name": "SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 9",
"product": {
"name": "SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:9"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 8",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 9",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:9"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux1-0.4.3-4.15.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:libwebpmux1-0.4.3-4.15.1.x86_64"
},
"product_reference": "libwebpmux1-0.4.3-4.15.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux1-0.4.3-4.15.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:libwebpmux1-0.4.3-4.15.1.x86_64"
},
"product_reference": "libwebpmux1-0.4.3-4.15.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux1-0.4.3-4.15.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:libwebpmux1-0.4.3-4.15.1.x86_64"
},
"product_reference": "libwebpmux1-0.4.3-4.15.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux1-0.4.3-4.15.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:libwebpmux1-0.4.3-4.15.1.x86_64"
},
"product_reference": "libwebpmux1-0.4.3-4.15.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux1-0.4.3-4.15.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:libwebpmux1-0.4.3-4.15.1.x86_64"
},
"product_reference": "libwebpmux1-0.4.3-4.15.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp-devel-0.4.3-4.15.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libwebp-devel-0.4.3-4.15.1.aarch64"
},
"product_reference": "libwebp-devel-0.4.3-4.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp-devel-0.4.3-4.15.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libwebp-devel-0.4.3-4.15.1.ppc64le"
},
"product_reference": "libwebp-devel-0.4.3-4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp-devel-0.4.3-4.15.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libwebp-devel-0.4.3-4.15.1.s390x"
},
"product_reference": "libwebp-devel-0.4.3-4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp-devel-0.4.3-4.15.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libwebp-devel-0.4.3-4.15.1.x86_64"
},
"product_reference": "libwebp-devel-0.4.3-4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdecoder1-0.4.3-4.15.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpdecoder1-0.4.3-4.15.1.aarch64"
},
"product_reference": "libwebpdecoder1-0.4.3-4.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdecoder1-0.4.3-4.15.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpdecoder1-0.4.3-4.15.1.ppc64le"
},
"product_reference": "libwebpdecoder1-0.4.3-4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdecoder1-0.4.3-4.15.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpdecoder1-0.4.3-4.15.1.s390x"
},
"product_reference": "libwebpdecoder1-0.4.3-4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdecoder1-0.4.3-4.15.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpdecoder1-0.4.3-4.15.1.x86_64"
},
"product_reference": "libwebpdecoder1-0.4.3-4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux1-0.4.3-4.15.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpmux1-0.4.3-4.15.1.aarch64"
},
"product_reference": "libwebpmux1-0.4.3-4.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux1-0.4.3-4.15.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpmux1-0.4.3-4.15.1.ppc64le"
},
"product_reference": "libwebpmux1-0.4.3-4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux1-0.4.3-4.15.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpmux1-0.4.3-4.15.1.s390x"
},
"product_reference": "libwebpmux1-0.4.3-4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux1-0.4.3-4.15.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpmux1-0.4.3-4.15.1.x86_64"
},
"product_reference": "libwebpmux1-0.4.3-4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp5-0.4.3-4.15.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libwebp5-0.4.3-4.15.1.aarch64"
},
"product_reference": "libwebp5-0.4.3-4.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp5-0.4.3-4.15.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libwebp5-0.4.3-4.15.1.ppc64le"
},
"product_reference": "libwebp5-0.4.3-4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp5-0.4.3-4.15.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libwebp5-0.4.3-4.15.1.s390x"
},
"product_reference": "libwebp5-0.4.3-4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp5-0.4.3-4.15.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libwebp5-0.4.3-4.15.1.x86_64"
},
"product_reference": "libwebp5-0.4.3-4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp5-32bit-0.4.3-4.15.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libwebp5-32bit-0.4.3-4.15.1.s390x"
},
"product_reference": "libwebp5-32bit-0.4.3-4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp5-32bit-0.4.3-4.15.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libwebp5-32bit-0.4.3-4.15.1.x86_64"
},
"product_reference": "libwebp5-32bit-0.4.3-4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdemux1-0.4.3-4.15.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libwebpdemux1-0.4.3-4.15.1.aarch64"
},
"product_reference": "libwebpdemux1-0.4.3-4.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdemux1-0.4.3-4.15.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libwebpdemux1-0.4.3-4.15.1.ppc64le"
},
"product_reference": "libwebpdemux1-0.4.3-4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdemux1-0.4.3-4.15.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libwebpdemux1-0.4.3-4.15.1.s390x"
},
"product_reference": "libwebpdemux1-0.4.3-4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdemux1-0.4.3-4.15.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libwebpdemux1-0.4.3-4.15.1.x86_64"
},
"product_reference": "libwebpdemux1-0.4.3-4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp5-0.4.3-4.15.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-0.4.3-4.15.1.aarch64"
},
"product_reference": "libwebp5-0.4.3-4.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp5-0.4.3-4.15.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-0.4.3-4.15.1.ppc64le"
},
"product_reference": "libwebp5-0.4.3-4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp5-0.4.3-4.15.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-0.4.3-4.15.1.s390x"
},
"product_reference": "libwebp5-0.4.3-4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp5-0.4.3-4.15.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-0.4.3-4.15.1.x86_64"
},
"product_reference": "libwebp5-0.4.3-4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp5-32bit-0.4.3-4.15.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-32bit-0.4.3-4.15.1.s390x"
},
"product_reference": "libwebp5-32bit-0.4.3-4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp5-32bit-0.4.3-4.15.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-32bit-0.4.3-4.15.1.x86_64"
},
"product_reference": "libwebp5-32bit-0.4.3-4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdemux1-0.4.3-4.15.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebpdemux1-0.4.3-4.15.1.aarch64"
},
"product_reference": "libwebpdemux1-0.4.3-4.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdemux1-0.4.3-4.15.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebpdemux1-0.4.3-4.15.1.ppc64le"
},
"product_reference": "libwebpdemux1-0.4.3-4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdemux1-0.4.3-4.15.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebpdemux1-0.4.3-4.15.1.s390x"
},
"product_reference": "libwebpdemux1-0.4.3-4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdemux1-0.4.3-4.15.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebpdemux1-0.4.3-4.15.1.x86_64"
},
"product_reference": "libwebpdemux1-0.4.3-4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-4863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4863"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:libwebpmux1-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libwebp5-0.4.3-4.15.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libwebp5-0.4.3-4.15.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libwebp5-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libwebp5-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libwebp5-32bit-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libwebp5-32bit-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libwebpdemux1-0.4.3-4.15.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libwebpdemux1-0.4.3-4.15.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libwebpdemux1-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libwebpdemux1-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-0.4.3-4.15.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-0.4.3-4.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-32bit-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-32bit-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebpdemux1-0.4.3-4.15.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebpdemux1-0.4.3-4.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebpdemux1-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebpdemux1-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebp-devel-0.4.3-4.15.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebp-devel-0.4.3-4.15.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebp-devel-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebp-devel-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpdecoder1-0.4.3-4.15.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpdecoder1-0.4.3-4.15.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpdecoder1-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpdecoder1-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpmux1-0.4.3-4.15.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpmux1-0.4.3-4.15.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpmux1-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpmux1-0.4.3-4.15.1.x86_64",
"SUSE OpenStack Cloud 8:libwebpmux1-0.4.3-4.15.1.x86_64",
"SUSE OpenStack Cloud 9:libwebpmux1-0.4.3-4.15.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libwebpmux1-0.4.3-4.15.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:libwebpmux1-0.4.3-4.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4863",
"url": "https://www.suse.com/security/cve/CVE-2023-4863"
},
{
"category": "external",
"summary": "SUSE Bug 1215231 for CVE-2023-4863",
"url": "https://bugzilla.suse.com/1215231"
},
{
"category": "external",
"summary": "SUSE Bug 1217115 for CVE-2023-4863",
"url": "https://bugzilla.suse.com/1217115"
},
{
"category": "external",
"summary": "SUSE Bug 1217117 for CVE-2023-4863",
"url": "https://bugzilla.suse.com/1217117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:libwebpmux1-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libwebp5-0.4.3-4.15.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libwebp5-0.4.3-4.15.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libwebp5-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libwebp5-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libwebp5-32bit-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libwebp5-32bit-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libwebpdemux1-0.4.3-4.15.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libwebpdemux1-0.4.3-4.15.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libwebpdemux1-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libwebpdemux1-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-0.4.3-4.15.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-0.4.3-4.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-32bit-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-32bit-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebpdemux1-0.4.3-4.15.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebpdemux1-0.4.3-4.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebpdemux1-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebpdemux1-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebp-devel-0.4.3-4.15.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebp-devel-0.4.3-4.15.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebp-devel-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebp-devel-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpdecoder1-0.4.3-4.15.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpdecoder1-0.4.3-4.15.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpdecoder1-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpdecoder1-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpmux1-0.4.3-4.15.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpmux1-0.4.3-4.15.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpmux1-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpmux1-0.4.3-4.15.1.x86_64",
"SUSE OpenStack Cloud 8:libwebpmux1-0.4.3-4.15.1.x86_64",
"SUSE OpenStack Cloud 9:libwebpmux1-0.4.3-4.15.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libwebpmux1-0.4.3-4.15.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:libwebpmux1-0.4.3-4.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:libwebpmux1-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libwebp5-0.4.3-4.15.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libwebp5-0.4.3-4.15.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libwebp5-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libwebp5-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libwebp5-32bit-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libwebp5-32bit-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libwebpdemux1-0.4.3-4.15.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libwebpdemux1-0.4.3-4.15.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libwebpdemux1-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libwebpdemux1-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-0.4.3-4.15.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-0.4.3-4.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-32bit-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebp5-32bit-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebpdemux1-0.4.3-4.15.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebpdemux1-0.4.3-4.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebpdemux1-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:libwebpdemux1-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebp-devel-0.4.3-4.15.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebp-devel-0.4.3-4.15.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebp-devel-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebp-devel-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpdecoder1-0.4.3-4.15.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpdecoder1-0.4.3-4.15.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpdecoder1-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpdecoder1-0.4.3-4.15.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpmux1-0.4.3-4.15.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpmux1-0.4.3-4.15.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpmux1-0.4.3-4.15.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:libwebpmux1-0.4.3-4.15.1.x86_64",
"SUSE OpenStack Cloud 8:libwebpmux1-0.4.3-4.15.1.x86_64",
"SUSE OpenStack Cloud 9:libwebpmux1-0.4.3-4.15.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libwebpmux1-0.4.3-4.15.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:libwebpmux1-0.4.3-4.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-26T16:06:17Z",
"details": "important"
}
],
"title": "CVE-2023-4863"
}
]
}
SUSE-SU-2023:3829-1
Vulnerability from csaf_suse - Published: 2023-09-27 17:13 - Updated: 2023-09-27 17:13Summary
Security update for libwebp
Severity
Critical
Notes
Title of the patch: Security update for libwebp
Description of the patch: This update for libwebp fixes the following issues:
- CVE-2023-4863: Fixed heap buffer overflow (bsc#1215231).
Patchnames: SUSE-2023-3829,SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-3829,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-3829,SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-3829,SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-3829,SUSE-SLE-Product-SLES_SAP-15-SP1-2023-3829,SUSE-SLE-Product-WE-15-SP4-2023-3829,SUSE-SLE-Product-WE-15-SP5-2023-3829,openSUSE-SLE-15.4-2023-3829
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
87 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP5:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp-devel-0.5.0-150000.3.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp-devel-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp6-0.5.0-150000.3.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp6-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdecoder2-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdemux2-0.5.0-150000.3.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdemux2-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpextras0-0.5.0-150000.3.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpextras0-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpmux2-0.5.0-150000.3.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpmux2-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP4:libwebp6-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:libwebp6-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libwebp6-0.5.0-150000.3.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libwebp6-0.5.0-150000.3.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libwebp6-0.5.0-150000.3.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libwebp6-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libwebpdecoder2-0.5.0-150000.3.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libwebpdecoder2-0.5.0-150000.3.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libwebpdecoder2-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libwebpextras0-0.5.0-150000.3.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libwebpextras0-0.5.0-150000.3.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libwebpextras0-0.5.0-150000.3.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libwebpextras0-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libwebpmux2-0.5.0-150000.3.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libwebpmux2-0.5.0-150000.3.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libwebpmux2-0.5.0-150000.3.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libwebpmux2-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
10 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libwebp",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libwebp fixes the following issues:\n\n- CVE-2023-4863: Fixed heap buffer overflow (bsc#1215231).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-3829,SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-3829,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-3829,SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-3829,SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-3829,SUSE-SLE-Product-SLES_SAP-15-SP1-2023-3829,SUSE-SLE-Product-WE-15-SP4-2023-3829,SUSE-SLE-Product-WE-15-SP5-2023-3829,openSUSE-SLE-15.4-2023-3829",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_3829-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:3829-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20233829-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:3829-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2023-September/031736.html"
},
{
"category": "self",
"summary": "SUSE Bug 1215231",
"url": "https://bugzilla.suse.com/1215231"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4863 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4863/"
}
],
"title": "Security update for libwebp",
"tracking": {
"current_release_date": "2023-09-27T17:13:06Z",
"generator": {
"date": "2023-09-27T17:13:06Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:3829-1",
"initial_release_date": "2023-09-27T17:13:06Z",
"revision_history": [
{
"date": "2023-09-27T17:13:06Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libwebp-devel-0.5.0-150000.3.14.1.aarch64",
"product": {
"name": "libwebp-devel-0.5.0-150000.3.14.1.aarch64",
"product_id": "libwebp-devel-0.5.0-150000.3.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "libwebp-tools-0.5.0-150000.3.14.1.aarch64",
"product": {
"name": "libwebp-tools-0.5.0-150000.3.14.1.aarch64",
"product_id": "libwebp-tools-0.5.0-150000.3.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "libwebp6-0.5.0-150000.3.14.1.aarch64",
"product": {
"name": "libwebp6-0.5.0-150000.3.14.1.aarch64",
"product_id": "libwebp6-0.5.0-150000.3.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "libwebpdecoder2-0.5.0-150000.3.14.1.aarch64",
"product": {
"name": "libwebpdecoder2-0.5.0-150000.3.14.1.aarch64",
"product_id": "libwebpdecoder2-0.5.0-150000.3.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "libwebpdemux2-0.5.0-150000.3.14.1.aarch64",
"product": {
"name": "libwebpdemux2-0.5.0-150000.3.14.1.aarch64",
"product_id": "libwebpdemux2-0.5.0-150000.3.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "libwebpextras0-0.5.0-150000.3.14.1.aarch64",
"product": {
"name": "libwebpextras0-0.5.0-150000.3.14.1.aarch64",
"product_id": "libwebpextras0-0.5.0-150000.3.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "libwebpmux2-0.5.0-150000.3.14.1.aarch64",
"product": {
"name": "libwebpmux2-0.5.0-150000.3.14.1.aarch64",
"product_id": "libwebpmux2-0.5.0-150000.3.14.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libwebp-devel-64bit-0.5.0-150000.3.14.1.aarch64_ilp32",
"product": {
"name": "libwebp-devel-64bit-0.5.0-150000.3.14.1.aarch64_ilp32",
"product_id": "libwebp-devel-64bit-0.5.0-150000.3.14.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libwebp6-64bit-0.5.0-150000.3.14.1.aarch64_ilp32",
"product": {
"name": "libwebp6-64bit-0.5.0-150000.3.14.1.aarch64_ilp32",
"product_id": "libwebp6-64bit-0.5.0-150000.3.14.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libwebpdecoder2-64bit-0.5.0-150000.3.14.1.aarch64_ilp32",
"product": {
"name": "libwebpdecoder2-64bit-0.5.0-150000.3.14.1.aarch64_ilp32",
"product_id": "libwebpdecoder2-64bit-0.5.0-150000.3.14.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libwebpdemux2-64bit-0.5.0-150000.3.14.1.aarch64_ilp32",
"product": {
"name": "libwebpdemux2-64bit-0.5.0-150000.3.14.1.aarch64_ilp32",
"product_id": "libwebpdemux2-64bit-0.5.0-150000.3.14.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libwebpextras0-64bit-0.5.0-150000.3.14.1.aarch64_ilp32",
"product": {
"name": "libwebpextras0-64bit-0.5.0-150000.3.14.1.aarch64_ilp32",
"product_id": "libwebpextras0-64bit-0.5.0-150000.3.14.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libwebpmux2-64bit-0.5.0-150000.3.14.1.aarch64_ilp32",
"product": {
"name": "libwebpmux2-64bit-0.5.0-150000.3.14.1.aarch64_ilp32",
"product_id": "libwebpmux2-64bit-0.5.0-150000.3.14.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libwebp-devel-0.5.0-150000.3.14.1.i586",
"product": {
"name": "libwebp-devel-0.5.0-150000.3.14.1.i586",
"product_id": "libwebp-devel-0.5.0-150000.3.14.1.i586"
}
},
{
"category": "product_version",
"name": "libwebp-tools-0.5.0-150000.3.14.1.i586",
"product": {
"name": "libwebp-tools-0.5.0-150000.3.14.1.i586",
"product_id": "libwebp-tools-0.5.0-150000.3.14.1.i586"
}
},
{
"category": "product_version",
"name": "libwebp6-0.5.0-150000.3.14.1.i586",
"product": {
"name": "libwebp6-0.5.0-150000.3.14.1.i586",
"product_id": "libwebp6-0.5.0-150000.3.14.1.i586"
}
},
{
"category": "product_version",
"name": "libwebpdecoder2-0.5.0-150000.3.14.1.i586",
"product": {
"name": "libwebpdecoder2-0.5.0-150000.3.14.1.i586",
"product_id": "libwebpdecoder2-0.5.0-150000.3.14.1.i586"
}
},
{
"category": "product_version",
"name": "libwebpdemux2-0.5.0-150000.3.14.1.i586",
"product": {
"name": "libwebpdemux2-0.5.0-150000.3.14.1.i586",
"product_id": "libwebpdemux2-0.5.0-150000.3.14.1.i586"
}
},
{
"category": "product_version",
"name": "libwebpextras0-0.5.0-150000.3.14.1.i586",
"product": {
"name": "libwebpextras0-0.5.0-150000.3.14.1.i586",
"product_id": "libwebpextras0-0.5.0-150000.3.14.1.i586"
}
},
{
"category": "product_version",
"name": "libwebpmux2-0.5.0-150000.3.14.1.i586",
"product": {
"name": "libwebpmux2-0.5.0-150000.3.14.1.i586",
"product_id": "libwebpmux2-0.5.0-150000.3.14.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libwebp-devel-0.5.0-150000.3.14.1.ppc64le",
"product": {
"name": "libwebp-devel-0.5.0-150000.3.14.1.ppc64le",
"product_id": "libwebp-devel-0.5.0-150000.3.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libwebp-tools-0.5.0-150000.3.14.1.ppc64le",
"product": {
"name": "libwebp-tools-0.5.0-150000.3.14.1.ppc64le",
"product_id": "libwebp-tools-0.5.0-150000.3.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libwebp6-0.5.0-150000.3.14.1.ppc64le",
"product": {
"name": "libwebp6-0.5.0-150000.3.14.1.ppc64le",
"product_id": "libwebp6-0.5.0-150000.3.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le",
"product": {
"name": "libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le",
"product_id": "libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libwebpdemux2-0.5.0-150000.3.14.1.ppc64le",
"product": {
"name": "libwebpdemux2-0.5.0-150000.3.14.1.ppc64le",
"product_id": "libwebpdemux2-0.5.0-150000.3.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libwebpextras0-0.5.0-150000.3.14.1.ppc64le",
"product": {
"name": "libwebpextras0-0.5.0-150000.3.14.1.ppc64le",
"product_id": "libwebpextras0-0.5.0-150000.3.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libwebpmux2-0.5.0-150000.3.14.1.ppc64le",
"product": {
"name": "libwebpmux2-0.5.0-150000.3.14.1.ppc64le",
"product_id": "libwebpmux2-0.5.0-150000.3.14.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libwebp-devel-0.5.0-150000.3.14.1.s390x",
"product": {
"name": "libwebp-devel-0.5.0-150000.3.14.1.s390x",
"product_id": "libwebp-devel-0.5.0-150000.3.14.1.s390x"
}
},
{
"category": "product_version",
"name": "libwebp-tools-0.5.0-150000.3.14.1.s390x",
"product": {
"name": "libwebp-tools-0.5.0-150000.3.14.1.s390x",
"product_id": "libwebp-tools-0.5.0-150000.3.14.1.s390x"
}
},
{
"category": "product_version",
"name": "libwebp6-0.5.0-150000.3.14.1.s390x",
"product": {
"name": "libwebp6-0.5.0-150000.3.14.1.s390x",
"product_id": "libwebp6-0.5.0-150000.3.14.1.s390x"
}
},
{
"category": "product_version",
"name": "libwebpdecoder2-0.5.0-150000.3.14.1.s390x",
"product": {
"name": "libwebpdecoder2-0.5.0-150000.3.14.1.s390x",
"product_id": "libwebpdecoder2-0.5.0-150000.3.14.1.s390x"
}
},
{
"category": "product_version",
"name": "libwebpdemux2-0.5.0-150000.3.14.1.s390x",
"product": {
"name": "libwebpdemux2-0.5.0-150000.3.14.1.s390x",
"product_id": "libwebpdemux2-0.5.0-150000.3.14.1.s390x"
}
},
{
"category": "product_version",
"name": "libwebpextras0-0.5.0-150000.3.14.1.s390x",
"product": {
"name": "libwebpextras0-0.5.0-150000.3.14.1.s390x",
"product_id": "libwebpextras0-0.5.0-150000.3.14.1.s390x"
}
},
{
"category": "product_version",
"name": "libwebpmux2-0.5.0-150000.3.14.1.s390x",
"product": {
"name": "libwebpmux2-0.5.0-150000.3.14.1.s390x",
"product_id": "libwebpmux2-0.5.0-150000.3.14.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libwebp-devel-0.5.0-150000.3.14.1.x86_64",
"product": {
"name": "libwebp-devel-0.5.0-150000.3.14.1.x86_64",
"product_id": "libwebp-devel-0.5.0-150000.3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwebp-devel-32bit-0.5.0-150000.3.14.1.x86_64",
"product": {
"name": "libwebp-devel-32bit-0.5.0-150000.3.14.1.x86_64",
"product_id": "libwebp-devel-32bit-0.5.0-150000.3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwebp-tools-0.5.0-150000.3.14.1.x86_64",
"product": {
"name": "libwebp-tools-0.5.0-150000.3.14.1.x86_64",
"product_id": "libwebp-tools-0.5.0-150000.3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwebp6-0.5.0-150000.3.14.1.x86_64",
"product": {
"name": "libwebp6-0.5.0-150000.3.14.1.x86_64",
"product_id": "libwebp6-0.5.0-150000.3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"product": {
"name": "libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"product_id": "libwebp6-32bit-0.5.0-150000.3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwebpdecoder2-0.5.0-150000.3.14.1.x86_64",
"product": {
"name": "libwebpdecoder2-0.5.0-150000.3.14.1.x86_64",
"product_id": "libwebpdecoder2-0.5.0-150000.3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64",
"product": {
"name": "libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64",
"product_id": "libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwebpdemux2-0.5.0-150000.3.14.1.x86_64",
"product": {
"name": "libwebpdemux2-0.5.0-150000.3.14.1.x86_64",
"product_id": "libwebpdemux2-0.5.0-150000.3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64",
"product": {
"name": "libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64",
"product_id": "libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwebpextras0-0.5.0-150000.3.14.1.x86_64",
"product": {
"name": "libwebpextras0-0.5.0-150000.3.14.1.x86_64",
"product_id": "libwebpextras0-0.5.0-150000.3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64",
"product": {
"name": "libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64",
"product_id": "libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwebpmux2-0.5.0-150000.3.14.1.x86_64",
"product": {
"name": "libwebpmux2-0.5.0-150000.3.14.1.x86_64",
"product_id": "libwebpmux2-0.5.0-150000.3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64",
"product": {
"name": "libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64",
"product_id": "libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 15 SP4",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 15 SP5",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp6-32bit-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp6-32bit-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp-devel-0.5.0-150000.3.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.aarch64"
},
"product_reference": "libwebp-devel-0.5.0-150000.3.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp-devel-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebp-devel-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp6-0.5.0-150000.3.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.aarch64"
},
"product_reference": "libwebp6-0.5.0-150000.3.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp6-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebp6-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp6-32bit-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdecoder2-0.5.0-150000.3.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.aarch64"
},
"product_reference": "libwebpdecoder2-0.5.0-150000.3.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdecoder2-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpdecoder2-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdemux2-0.5.0-150000.3.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.aarch64"
},
"product_reference": "libwebpdemux2-0.5.0-150000.3.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdemux2-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpdemux2-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpextras0-0.5.0-150000.3.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.aarch64"
},
"product_reference": "libwebpextras0-0.5.0-150000.3.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpextras0-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpextras0-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux2-0.5.0-150000.3.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.aarch64"
},
"product_reference": "libwebpmux2-0.5.0-150000.3.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux2-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpmux2-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp-devel-0.5.0-150000.3.14.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.aarch64"
},
"product_reference": "libwebp-devel-0.5.0-150000.3.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp-devel-0.5.0-150000.3.14.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.ppc64le"
},
"product_reference": "libwebp-devel-0.5.0-150000.3.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp-devel-0.5.0-150000.3.14.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.s390x"
},
"product_reference": "libwebp-devel-0.5.0-150000.3.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp-devel-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebp-devel-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp6-0.5.0-150000.3.14.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.aarch64"
},
"product_reference": "libwebp6-0.5.0-150000.3.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp6-0.5.0-150000.3.14.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.ppc64le"
},
"product_reference": "libwebp6-0.5.0-150000.3.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp6-0.5.0-150000.3.14.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.s390x"
},
"product_reference": "libwebp6-0.5.0-150000.3.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp6-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebp6-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp6-32bit-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdecoder2-0.5.0-150000.3.14.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.aarch64"
},
"product_reference": "libwebpdecoder2-0.5.0-150000.3.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le"
},
"product_reference": "libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdecoder2-0.5.0-150000.3.14.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.s390x"
},
"product_reference": "libwebpdecoder2-0.5.0-150000.3.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdecoder2-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpdecoder2-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdemux2-0.5.0-150000.3.14.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.aarch64"
},
"product_reference": "libwebpdemux2-0.5.0-150000.3.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdemux2-0.5.0-150000.3.14.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.ppc64le"
},
"product_reference": "libwebpdemux2-0.5.0-150000.3.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdemux2-0.5.0-150000.3.14.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.s390x"
},
"product_reference": "libwebpdemux2-0.5.0-150000.3.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdemux2-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpdemux2-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpextras0-0.5.0-150000.3.14.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.aarch64"
},
"product_reference": "libwebpextras0-0.5.0-150000.3.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpextras0-0.5.0-150000.3.14.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.ppc64le"
},
"product_reference": "libwebpextras0-0.5.0-150000.3.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpextras0-0.5.0-150000.3.14.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.s390x"
},
"product_reference": "libwebpextras0-0.5.0-150000.3.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpextras0-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpextras0-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux2-0.5.0-150000.3.14.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.aarch64"
},
"product_reference": "libwebpmux2-0.5.0-150000.3.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux2-0.5.0-150000.3.14.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.ppc64le"
},
"product_reference": "libwebpmux2-0.5.0-150000.3.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux2-0.5.0-150000.3.14.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.s390x"
},
"product_reference": "libwebpmux2-0.5.0-150000.3.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux2-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpmux2-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp-devel-0.5.0-150000.3.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp-devel-0.5.0-150000.3.14.1.ppc64le"
},
"product_reference": "libwebp-devel-0.5.0-150000.3.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp-devel-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp-devel-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebp-devel-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp6-0.5.0-150000.3.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp6-0.5.0-150000.3.14.1.ppc64le"
},
"product_reference": "libwebp6-0.5.0-150000.3.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp6-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp6-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebp6-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp6-32bit-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le"
},
"product_reference": "libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdecoder2-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdecoder2-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpdecoder2-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdemux2-0.5.0-150000.3.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdemux2-0.5.0-150000.3.14.1.ppc64le"
},
"product_reference": "libwebpdemux2-0.5.0-150000.3.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdemux2-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdemux2-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpdemux2-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpextras0-0.5.0-150000.3.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpextras0-0.5.0-150000.3.14.1.ppc64le"
},
"product_reference": "libwebpextras0-0.5.0-150000.3.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpextras0-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpextras0-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpextras0-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux2-0.5.0-150000.3.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpmux2-0.5.0-150000.3.14.1.ppc64le"
},
"product_reference": "libwebpmux2-0.5.0-150000.3.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux2-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpmux2-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpmux2-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp6-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP4",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP4:libwebp6-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebp6-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp6-0.5.0-150000.3.14.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP5",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP5:libwebp6-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebp6-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp6-0.5.0-150000.3.14.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libwebp6-0.5.0-150000.3.14.1.aarch64"
},
"product_reference": "libwebp6-0.5.0-150000.3.14.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp6-0.5.0-150000.3.14.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libwebp6-0.5.0-150000.3.14.1.ppc64le"
},
"product_reference": "libwebp6-0.5.0-150000.3.14.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp6-0.5.0-150000.3.14.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libwebp6-0.5.0-150000.3.14.1.s390x"
},
"product_reference": "libwebp6-0.5.0-150000.3.14.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp6-0.5.0-150000.3.14.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libwebp6-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebp6-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebp6-32bit-0.5.0-150000.3.14.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdecoder2-0.5.0-150000.3.14.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libwebpdecoder2-0.5.0-150000.3.14.1.aarch64"
},
"product_reference": "libwebpdecoder2-0.5.0-150000.3.14.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le"
},
"product_reference": "libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdecoder2-0.5.0-150000.3.14.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libwebpdecoder2-0.5.0-150000.3.14.1.s390x"
},
"product_reference": "libwebpdecoder2-0.5.0-150000.3.14.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdecoder2-0.5.0-150000.3.14.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libwebpdecoder2-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpdecoder2-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpextras0-0.5.0-150000.3.14.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libwebpextras0-0.5.0-150000.3.14.1.aarch64"
},
"product_reference": "libwebpextras0-0.5.0-150000.3.14.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpextras0-0.5.0-150000.3.14.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libwebpextras0-0.5.0-150000.3.14.1.ppc64le"
},
"product_reference": "libwebpextras0-0.5.0-150000.3.14.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpextras0-0.5.0-150000.3.14.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libwebpextras0-0.5.0-150000.3.14.1.s390x"
},
"product_reference": "libwebpextras0-0.5.0-150000.3.14.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpextras0-0.5.0-150000.3.14.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libwebpextras0-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpextras0-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux2-0.5.0-150000.3.14.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libwebpmux2-0.5.0-150000.3.14.1.aarch64"
},
"product_reference": "libwebpmux2-0.5.0-150000.3.14.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux2-0.5.0-150000.3.14.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libwebpmux2-0.5.0-150000.3.14.1.ppc64le"
},
"product_reference": "libwebpmux2-0.5.0-150000.3.14.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux2-0.5.0-150000.3.14.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libwebpmux2-0.5.0-150000.3.14.1.s390x"
},
"product_reference": "libwebpmux2-0.5.0-150000.3.14.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux2-0.5.0-150000.3.14.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libwebpmux2-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpmux2-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64"
},
"product_reference": "libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-4863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4863"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp-devel-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp-devel-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp6-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp6-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdecoder2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdemux2-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdemux2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpextras0-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpextras0-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpmux2-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpmux2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:libwebp6-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:libwebp6-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebp6-0.5.0-150000.3.14.1.aarch64",
"openSUSE Leap 15.4:libwebp6-0.5.0-150000.3.14.1.ppc64le",
"openSUSE Leap 15.4:libwebp6-0.5.0-150000.3.14.1.s390x",
"openSUSE Leap 15.4:libwebp6-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebpdecoder2-0.5.0-150000.3.14.1.aarch64",
"openSUSE Leap 15.4:libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le",
"openSUSE Leap 15.4:libwebpdecoder2-0.5.0-150000.3.14.1.s390x",
"openSUSE Leap 15.4:libwebpdecoder2-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebpextras0-0.5.0-150000.3.14.1.aarch64",
"openSUSE Leap 15.4:libwebpextras0-0.5.0-150000.3.14.1.ppc64le",
"openSUSE Leap 15.4:libwebpextras0-0.5.0-150000.3.14.1.s390x",
"openSUSE Leap 15.4:libwebpextras0-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebpmux2-0.5.0-150000.3.14.1.aarch64",
"openSUSE Leap 15.4:libwebpmux2-0.5.0-150000.3.14.1.ppc64le",
"openSUSE Leap 15.4:libwebpmux2-0.5.0-150000.3.14.1.s390x",
"openSUSE Leap 15.4:libwebpmux2-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4863",
"url": "https://www.suse.com/security/cve/CVE-2023-4863"
},
{
"category": "external",
"summary": "SUSE Bug 1215231 for CVE-2023-4863",
"url": "https://bugzilla.suse.com/1215231"
},
{
"category": "external",
"summary": "SUSE Bug 1217115 for CVE-2023-4863",
"url": "https://bugzilla.suse.com/1217115"
},
{
"category": "external",
"summary": "SUSE Bug 1217117 for CVE-2023-4863",
"url": "https://bugzilla.suse.com/1217117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp-devel-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp-devel-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp6-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp6-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdecoder2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdemux2-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdemux2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpextras0-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpextras0-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpmux2-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpmux2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:libwebp6-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:libwebp6-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebp6-0.5.0-150000.3.14.1.aarch64",
"openSUSE Leap 15.4:libwebp6-0.5.0-150000.3.14.1.ppc64le",
"openSUSE Leap 15.4:libwebp6-0.5.0-150000.3.14.1.s390x",
"openSUSE Leap 15.4:libwebp6-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebpdecoder2-0.5.0-150000.3.14.1.aarch64",
"openSUSE Leap 15.4:libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le",
"openSUSE Leap 15.4:libwebpdecoder2-0.5.0-150000.3.14.1.s390x",
"openSUSE Leap 15.4:libwebpdecoder2-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebpextras0-0.5.0-150000.3.14.1.aarch64",
"openSUSE Leap 15.4:libwebpextras0-0.5.0-150000.3.14.1.ppc64le",
"openSUSE Leap 15.4:libwebpextras0-0.5.0-150000.3.14.1.s390x",
"openSUSE Leap 15.4:libwebpextras0-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebpmux2-0.5.0-150000.3.14.1.aarch64",
"openSUSE Leap 15.4:libwebpmux2-0.5.0-150000.3.14.1.ppc64le",
"openSUSE Leap 15.4:libwebpmux2-0.5.0-150000.3.14.1.s390x",
"openSUSE Leap 15.4:libwebpmux2-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp-devel-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp-devel-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp-devel-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp6-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp6-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdecoder2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdemux2-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdemux2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpdemux2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpextras0-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpextras0-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpmux2-0.5.0-150000.3.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpmux2-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:libwebp6-0.5.0-150000.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:libwebp6-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebp6-0.5.0-150000.3.14.1.aarch64",
"openSUSE Leap 15.4:libwebp6-0.5.0-150000.3.14.1.ppc64le",
"openSUSE Leap 15.4:libwebp6-0.5.0-150000.3.14.1.s390x",
"openSUSE Leap 15.4:libwebp6-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebp6-32bit-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebpdecoder2-0.5.0-150000.3.14.1.aarch64",
"openSUSE Leap 15.4:libwebpdecoder2-0.5.0-150000.3.14.1.ppc64le",
"openSUSE Leap 15.4:libwebpdecoder2-0.5.0-150000.3.14.1.s390x",
"openSUSE Leap 15.4:libwebpdecoder2-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebpdecoder2-32bit-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebpextras0-0.5.0-150000.3.14.1.aarch64",
"openSUSE Leap 15.4:libwebpextras0-0.5.0-150000.3.14.1.ppc64le",
"openSUSE Leap 15.4:libwebpextras0-0.5.0-150000.3.14.1.s390x",
"openSUSE Leap 15.4:libwebpextras0-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebpextras0-32bit-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebpmux2-0.5.0-150000.3.14.1.aarch64",
"openSUSE Leap 15.4:libwebpmux2-0.5.0-150000.3.14.1.ppc64le",
"openSUSE Leap 15.4:libwebpmux2-0.5.0-150000.3.14.1.s390x",
"openSUSE Leap 15.4:libwebpmux2-0.5.0-150000.3.14.1.x86_64",
"openSUSE Leap 15.4:libwebpmux2-32bit-0.5.0-150000.3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-27T17:13:06Z",
"details": "important"
}
],
"title": "CVE-2023-4863"
}
]
}
VDE-2023-048
Vulnerability from csaf_pilzgmbhcokg - Published: 2023-12-05 07:00 - Updated: 2025-05-22 13:03Summary
Pilz: Multiple products prone to libwebp vulnerability
Notes
Summary: Several Pilz products use the 3rd-party component 'libwebp' for decoding of images in WebP format. This component is affected by a vulnerability, which may enable an attacker to gain full control over the system running the software product. Depending on the affected product, the vulnerabilities can be exploited locally or over the network.
Impact: Decoding of a specially crafted image leads to a heap buffer overflow. In a worst-case scenario, a successful exploitation of the vulnerability can lead to execution of arbitrary code using the privileges of the user running the affected software. In case of PIT Transponder Manager and the PASvisu Builder, the vulnerability can only be exploited locally. Depending on the configuration of the PASvisu Runtime, a remote exploitation may be possible.
Remediation: Install the fixed product version as soon as it is available. Please visit the Pilz eShop(https://www.pilz.com/en-INT/eshop) to check for the fixed version.
PASvisu Runtime: Limit network access to legitimate connections by using a firewall or similarmeasures. Restrict administrative access by setting up user authentication properly.
General Countermeasures: - Only use project and image files from trustworthy sources.
- Protect project and image files against modification by unauthorized users.
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
8.8 (High)
Vendor Fix
Install the fixed product version as soon as it is available. Please visit the Pilz eShop(https://www.pilz.com/en-INT/eshop) to check for the fixed version.
PASvisu Runtime: Limit network access to legitimate connections by using a firewall or similarmeasures. Restrict administrative access by setting up user authentication properly.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
PASvisu < 1.14.1
Pilz / Software / PASvisu
|
<1.14.1 | ||
|
PIT Transponder Manager < 1.2.0
Pilz / Software / PIT Transponder Manager
|
<1.2.0 | ||
|
PMI v8xx <= 2.0.33992
Pilz / Software / PMI v8xx
|
266807266812266815
|
<=2.0.33992 |
References
4 references
Acknowledgments
CERT@VDE
certvde.com
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Several Pilz products use the 3rd-party component \u0027libwebp\u0027 for decoding of images in WebP format. This component is affected by a vulnerability, which may enable an attacker to gain full control over the system running the software product. Depending on the affected product, the vulnerabilities can be exploited locally or over the network.",
"title": "Summary"
},
{
"category": "description",
"text": "Decoding of a specially crafted image leads to a heap buffer overflow. In a worst-case scenario, a successful exploitation of the vulnerability can lead to execution of arbitrary code using the privileges of the user running the affected software. In case of PIT Transponder Manager and the PASvisu Builder, the vulnerability can only be exploited locally. Depending on the configuration of the PASvisu Runtime, a remote exploitation may be possible.",
"title": "Impact"
},
{
"category": "description",
"text": "Install the fixed product version as soon as it is available. Please visit the Pilz eShop(https://www.pilz.com/en-INT/eshop) to check for the fixed version.\nPASvisu Runtime: Limit network access to legitimate connections by using a firewall or similarmeasures. Restrict administrative access by setting up user authentication properly.",
"title": "Remediation"
},
{
"category": "general",
"text": "- Only use project and image files from trustworthy sources.\n- Protect project and image files against modification by unauthorized users.",
"title": "General Countermeasures"
}
],
"publisher": {
"category": "vendor",
"contact_details": "security@pilz.com",
"name": "Pilz GmbH \u0026 Co. KG",
"namespace": "https://www.pilz.com"
},
"references": [
{
"category": "self",
"summary": "VDE-2023-048: Pilz: Multiple products prone to libwebp vulnerability - HTML",
"url": "https://certvde.com/en/advisories/VDE-2023-048/"
},
{
"category": "self",
"summary": "VDE-2023-048: Pilz: Multiple products prone to libwebp vulnerability - CSAF",
"url": "https://pilz.csaf-tp.certvde.com/.well-known/csaf/white/2023/vde-2023-048.json"
},
{
"category": "external",
"summary": "Pilz PSIRT",
"url": "https://www.pilz.com/en-INT/products/industrial-security/security-incident-management"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for Pilz GmbH \u0026 Co. KG",
"url": "https://certvde.com/en/advisories/vendor/pilz/"
}
],
"title": "Pilz: Multiple products prone to libwebp vulnerability",
"tracking": {
"aliases": [
"VDE-2023-048"
],
"current_release_date": "2025-05-22T13:03:10.000Z",
"generator": {
"date": "2025-05-05T11:57:25.417Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.24"
}
},
"id": "VDE-2023-048",
"initial_release_date": "2023-12-05T07:00:00.000Z",
"revision_history": [
{
"date": "2023-12-05T07:00:00.000Z",
"number": "1",
"summary": "Initial revision."
},
{
"date": "2025-05-22T13:03:10.000Z",
"number": "2",
"summary": "Fix: quotation mark"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.14.1",
"product": {
"name": "PASvisu \u003c 1.14.1",
"product_id": "CSAFPID-51001"
}
}
],
"category": "product_name",
"name": "PASvisu"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.2.0",
"product": {
"name": "PIT Transponder Manager \u003c 1.2.0",
"product_id": "CSAFPID-51002"
}
}
],
"category": "product_name",
"name": "PIT Transponder Manager"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=2.0.33992",
"product": {
"name": "PMI v8xx \u003c= 2.0.33992",
"product_id": "CSAFPID-51003",
"product_identification_helper": {
"model_numbers": [
"266807",
"266812",
"266815"
]
}
}
}
],
"category": "product_name",
"name": "PMI v8xx"
}
],
"category": "product_family",
"name": "Software"
}
],
"category": "vendor",
"name": "Pilz"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-51001",
"CSAFPID-51002",
"CSAFPID-51003"
],
"summary": "Affected products."
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-4863",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-51001",
"CSAFPID-51002",
"CSAFPID-51003"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Install the fixed product version as soon as it is available. Please visit the Pilz eShop(https://www.pilz.com/en-INT/eshop) to check for the fixed version.\nPASvisu Runtime: Limit network access to legitimate connections by using a firewall or similarmeasures. Restrict administrative access by setting up user authentication properly.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001",
"CSAFPID-51002",
"CSAFPID-51003"
]
}
],
"title": "CVE-2023-4863"
}
]
}
WID-SEC-W-2023-2305
Vulnerability from csaf_certbund - Published: 2023-09-11 22:00 - Updated: 2025-01-14 23:00Summary
Google Chrome / Microsoft Edge: Schwachstelle ermöglicht Codeausführung
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Chrome ist ein Internet-Browser von Google.
Edge ist ein Internet-Browser von Microsoft.
Angriff: Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Google Chrome / Microsoft Edge ausnutzen, um beliebigen Programmcode auszuführen.
Betroffene Betriebssysteme: - Linux
- MacOS X
- Windows
Es besteht eine Schwachstelle in Google Chrome / Microsoft Edge. Dieser Fehler besteht in der WebP-Komponente aufgrund eines Heap-Pufferüberlaufs. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code auszuführen, indem er einen Benutzer zum Besuch einer bösartigen Website verleitet. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
WatchGuard Firebox
WatchGuard
|
cpe:/a:watchguard:firebox:-
|
— | |
|
Fortinet FortiClient Mac <7.2.5
Fortinet / FortiClient
|
Mac <7.2.5 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Fortinet FortiClient Mac <7.4.0
Fortinet / FortiClient
|
Mac <7.4.0 | ||
|
Fortinet FortiClient Linux <7.2.5
Fortinet / FortiClient
|
Linux <7.2.5 | ||
|
Fortinet FortiClient Linux <7.4.0
Fortinet / FortiClient
|
Linux <7.4.0 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Fortinet FortiClient EMS <7.0.10
Fortinet / FortiClient
|
EMS <7.0.10 | ||
|
Google Chrome <116.0.5845.188
Google / Chrome
|
<116.0.5845.188 | ||
|
Fortinet FortiClient EMS <7.2.2
Fortinet / FortiClient
|
EMS <7.2.2 | ||
|
Google Chrome <116.0.5845.187
Google / Chrome
|
<116.0.5845.187 | ||
|
HP LaserJet
HP
|
cpe:/h:hp:laserjet:-
|
— | |
|
Open Source LibreOffice <7.5.7
Open Source / LibreOffice
|
<7.5.7 | ||
|
Open Source LibreOffice <7.6.2
Open Source / LibreOffice
|
<7.6.2 | ||
|
Open Source Kibana <7.17.14
Open Source / Kibana
|
<7.17.14 | ||
|
Open Source Kibana <8.10.3
Open Source / Kibana
|
<8.10.3 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Fortinet FortiClient Windows <7.0.10
Fortinet / FortiClient
|
Windows <7.0.10 | ||
|
Fortinet FortiClient Windows <7.2.3
Fortinet / FortiClient
|
Windows <7.2.3 | ||
|
Microsoft Edge <116.0.1938.81
Microsoft / Edge
|
<116.0.1938.81 | ||
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:vmware_vsphere
|
— |
Es besteht eine Schwachstelle in Google Chrome / Microsoft Edge. Dieser Fehler besteht in der WebP-Komponente aufgrund eines Heap-Pufferüberlaufs. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code auszuführen, indem er einen Benutzer zum Besuch einer bösartigen Website verleitet. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
WatchGuard Firebox
WatchGuard
|
cpe:/a:watchguard:firebox:-
|
— | |
|
Fortinet FortiClient Mac <7.2.5
Fortinet / FortiClient
|
Mac <7.2.5 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Fortinet FortiClient Mac <7.4.0
Fortinet / FortiClient
|
Mac <7.4.0 | ||
|
Fortinet FortiClient Linux <7.2.5
Fortinet / FortiClient
|
Linux <7.2.5 | ||
|
Fortinet FortiClient Linux <7.4.0
Fortinet / FortiClient
|
Linux <7.4.0 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Fortinet FortiClient EMS <7.0.10
Fortinet / FortiClient
|
EMS <7.0.10 | ||
|
Google Chrome <116.0.5845.188
Google / Chrome
|
<116.0.5845.188 | ||
|
Fortinet FortiClient EMS <7.2.2
Fortinet / FortiClient
|
EMS <7.2.2 | ||
|
Google Chrome <116.0.5845.187
Google / Chrome
|
<116.0.5845.187 | ||
|
HP LaserJet
HP
|
cpe:/h:hp:laserjet:-
|
— | |
|
Open Source LibreOffice <7.5.7
Open Source / LibreOffice
|
<7.5.7 | ||
|
Open Source LibreOffice <7.6.2
Open Source / LibreOffice
|
<7.6.2 | ||
|
Open Source Kibana <7.17.14
Open Source / Kibana
|
<7.17.14 | ||
|
Open Source Kibana <8.10.3
Open Source / Kibana
|
<8.10.3 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Fortinet FortiClient Windows <7.0.10
Fortinet / FortiClient
|
Windows <7.0.10 | ||
|
Fortinet FortiClient Windows <7.2.3
Fortinet / FortiClient
|
Windows <7.2.3 | ||
|
Microsoft Edge <116.0.1938.81
Microsoft / Edge
|
<116.0.1938.81 | ||
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:vmware_vsphere
|
— |
References
52 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Chrome ist ein Internet-Browser von Google.\r\nEdge ist ein Internet-Browser von Microsoft.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Google Chrome / Microsoft Edge ausnutzen, um beliebigen Programmcode auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- MacOS X\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2305 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2305.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2305 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2305"
},
{
"category": "external",
"summary": "Google Chrome Stable Channel Update for Desktop vom 2023-09-11",
"url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html"
},
{
"category": "external",
"summary": "Microsoft Leitfaden f\u00fcr Sicherheiztsupdates vom 2023-09-12",
"url": "https://msrc.microsoft.com/update-guide/"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-D5FAEDE1D6 vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-d5faede1d6"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-F8319BD876 vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-f8319bd876"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-C4FA8A204D vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-c4fa8a204d"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-3388038193 vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-3388038193"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-509640A8A6 vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-509640a8a6"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-788F9BBB3F vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-788f9bbb3f"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-32FA4259F4 vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-32fa4259f4"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-9A6FD7A504 vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-9a6fd7a504"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-3D1935DC6A vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-3d1935dc6a"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-EA08732E6A vom 2023-09-17",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-ea08732e6a"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-D58A84DDA8 vom 2023-09-17",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-d58a84dda8"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-0DE0929147 vom 2023-09-17",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-0de0929147"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-C66924CB92 vom 2023-09-17",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-c66924cb92"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-54433BC31F vom 2023-09-17",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-54433bc31f"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-3BFB63F6D2 vom 2023-09-17",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-3bfb63f6d2"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5185 vom 2023-09-18",
"url": "https://access.redhat.com/errata/RHSA-2023:5185"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-0DF1F37A48 vom 2023-09-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-0df1f37a48"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-A33B8C01E7 vom 2023-09-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-a33b8c01e7"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-05DC047BF8 vom 2023-09-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-05dc047bf8"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-79B0154754 vom 2023-09-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-79b0154754"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-B427F54E68 vom 2023-09-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-b427f54e68"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5222 vom 2023-09-19",
"url": "https://access.redhat.com/errata/RHSA-2023:5222"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5214 vom 2023-09-19",
"url": "https://access.redhat.com/errata/RHSA-2023:5214"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5309 vom 2023-09-20",
"url": "https://access.redhat.com/errata/RHSA-2023:5309"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-5309 vom 2023-09-20",
"url": "https://linux.oracle.com/errata/ELSA-2023-5309.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-5214 vom 2023-09-20",
"url": "http://linux.oracle.com/errata/ELSA-2023-5214.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-DA064561FA vom 2023-09-24",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-da064561fa"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-9ABC3565B5 vom 2023-09-24",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-9abc3565b5"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-09CC239FE3 vom 2023-09-24",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-09cc239fe3"
},
{
"category": "external",
"summary": "Important release of LibreOffice",
"url": "https://blog.documentfoundation.org/blog/2023/09/26/lo-762-and-lo-757/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6369-2 vom 2023-09-28",
"url": "https://ubuntu.com/security/notices/USN-6369-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:3829-1 vom 2023-09-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-September/016363.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-E692A72898 vom 2023-09-28",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-e692a72898"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-9108CDA47C vom 2023-09-28",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-9108cda47c"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-2A0668FE43 vom 2023-09-28",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-2a0668fe43"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-CCA1F87440 vom 2023-09-30",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-cca1f87440"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-0CD03C3746 vom 2023-09-30",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-0cd03c3746"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-C890266D3F vom 2023-09-30",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-c890266d3f"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-D66A01AD4F vom 2023-09-30",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-d66a01ad4f"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-8F3E1B6F78 vom 2023-09-30",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-8f3e1b6f78"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-EDC9C74369 vom 2023-09-30",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-edc9c74369"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20230929-0011 vom 2023-09-29",
"url": "https://security.netapp.com/advisory/ntap-20230929-0011/"
},
{
"category": "external",
"summary": "Elastic Security Announcement ESA-2023-19 vom 2023-10-10",
"url": "https://discuss.elastic.co/t/kibana-8-10-3-7-17-14-security-update/344735"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2023-2290 vom 2023-10-20",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2290.html"
},
{
"category": "external",
"summary": "WatchGuard Security Advisory WGSA-2023-00008 vom 2023-11-01",
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00008"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2023-396 vom 2023-12-06",
"url": "https://www.dell.com/support/kbdoc/000218770/dsa-2023-="
},
{
"category": "external",
"summary": "HP Security Bulletin HPSBPI03916 vom 2024-02-13",
"url": "https://support.hp.com/us-en/document/ish_10173649-10204798-16/HPSBPI03916"
},
{
"category": "external",
"summary": "FortiGuard Labs PSIRT Advisory FG-IR-23-381 vom 2025-01-14",
"url": "https://www.fortiguard.com/psirt/FG-IR-23-381"
}
],
"source_lang": "en-US",
"title": "Google Chrome / Microsoft Edge: Schwachstelle erm\u00f6glicht Codeausf\u00fchrung",
"tracking": {
"current_release_date": "2025-01-14T23:00:00.000+00:00",
"generator": {
"date": "2025-01-15T09:22:46.217+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2023-2305",
"initial_release_date": "2023-09-11T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-09-11T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-09-12T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2023-09-13T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-09-17T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-09-18T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat und Fedora aufgenommen"
},
{
"date": "2023-09-20T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2023-09-24T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-09-26T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2023-09-27T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Ubuntu und SUSE aufgenommen"
},
{
"date": "2023-09-28T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-10-01T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Fedora und NetApp aufgenommen"
},
{
"date": "2023-10-10T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Elastic aufgenommen"
},
{
"date": "2023-10-19T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-11-01T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von WatchGuard aufgenommen"
},
{
"date": "2023-12-05T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-02-20T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2025-01-14T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Fortinet aufgenommen"
}
],
"status": "final",
"version": "17"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Dell Computer",
"product": {
"name": "Dell Computer",
"product_id": "T006498",
"product_identification_helper": {
"cpe": "cpe:/o:dell:dell_computer:-"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Windows \u003c7.2.3",
"product": {
"name": "Fortinet FortiClient Windows \u003c7.2.3",
"product_id": "T040204"
}
},
{
"category": "product_version",
"name": "Windows 7.2.3",
"product": {
"name": "Fortinet FortiClient Windows 7.2.3",
"product_id": "T040204-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:forticlient:windows__7.2.3"
}
}
},
{
"category": "product_version_range",
"name": "Windows \u003c7.0.10",
"product": {
"name": "Fortinet FortiClient Windows \u003c7.0.10",
"product_id": "T040205"
}
},
{
"category": "product_version",
"name": "Windows 7.0.10",
"product": {
"name": "Fortinet FortiClient Windows 7.0.10",
"product_id": "T040205-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:forticlient:windows__7.0.10"
}
}
},
{
"category": "product_version_range",
"name": "Linux \u003c7.4.0",
"product": {
"name": "Fortinet FortiClient Linux \u003c7.4.0",
"product_id": "T040206"
}
},
{
"category": "product_version",
"name": "Linux 7.4.0",
"product": {
"name": "Fortinet FortiClient Linux 7.4.0",
"product_id": "T040206-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:forticlient:linux__7.4.0"
}
}
},
{
"category": "product_version_range",
"name": "Linux \u003c7.2.5",
"product": {
"name": "Fortinet FortiClient Linux \u003c7.2.5",
"product_id": "T040207"
}
},
{
"category": "product_version",
"name": "Linux 7.2.5",
"product": {
"name": "Fortinet FortiClient Linux 7.2.5",
"product_id": "T040207-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:forticlient:linux__7.2.5"
}
}
},
{
"category": "product_version_range",
"name": "Mac \u003c7.4.0",
"product": {
"name": "Fortinet FortiClient Mac \u003c7.4.0",
"product_id": "T040208"
}
},
{
"category": "product_version",
"name": "Mac 7.4.0",
"product": {
"name": "Fortinet FortiClient Mac 7.4.0",
"product_id": "T040208-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:forticlient:mac__7.4.0"
}
}
},
{
"category": "product_version_range",
"name": "Mac \u003c7.2.5",
"product": {
"name": "Fortinet FortiClient Mac \u003c7.2.5",
"product_id": "T040209"
}
},
{
"category": "product_version",
"name": "Mac 7.2.5",
"product": {
"name": "Fortinet FortiClient Mac 7.2.5",
"product_id": "T040209-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:forticlient:mac__7.2.5"
}
}
},
{
"category": "product_version_range",
"name": "EMS \u003c7.2.2",
"product": {
"name": "Fortinet FortiClient EMS \u003c7.2.2",
"product_id": "T040210"
}
},
{
"category": "product_version",
"name": "EMS 7.2.2",
"product": {
"name": "Fortinet FortiClient EMS 7.2.2",
"product_id": "T040210-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:forticlient:ems__7.2.2"
}
}
},
{
"category": "product_version_range",
"name": "EMS \u003c7.0.10",
"product": {
"name": "Fortinet FortiClient EMS \u003c7.0.10",
"product_id": "T040211"
}
},
{
"category": "product_version",
"name": "EMS 7.0.10",
"product": {
"name": "Fortinet FortiClient EMS 7.0.10",
"product_id": "T040211-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:forticlient:ems__7.0.10"
}
}
}
],
"category": "product_name",
"name": "FortiClient"
}
],
"category": "vendor",
"name": "Fortinet"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c116.0.5845.187",
"product": {
"name": "Google Chrome \u003c116.0.5845.187",
"product_id": "T029774"
}
},
{
"category": "product_version",
"name": "116.0.5845.187",
"product": {
"name": "Google Chrome 116.0.5845.187",
"product_id": "T029774-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:google:chrome:116.0.5845.187"
}
}
},
{
"category": "product_version_range",
"name": "\u003c116.0.5845.188",
"product": {
"name": "Google Chrome \u003c116.0.5845.188",
"product_id": "T029775"
}
},
{
"category": "product_version",
"name": "116.0.5845.188",
"product": {
"name": "Google Chrome 116.0.5845.188",
"product_id": "T029775-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:google:chrome:116.0.5845.188"
}
}
}
],
"category": "product_name",
"name": "Chrome"
}
],
"category": "vendor",
"name": "Google"
},
{
"branches": [
{
"category": "product_name",
"name": "HP LaserJet",
"product": {
"name": "HP LaserJet",
"product_id": "T029061",
"product_identification_helper": {
"cpe": "cpe:/h:hp:laserjet:-"
}
}
}
],
"category": "vendor",
"name": "HP"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c116.0.1938.81",
"product": {
"name": "Microsoft Edge \u003c116.0.1938.81",
"product_id": "T029787"
}
},
{
"category": "product_version",
"name": "116.0.1938.81",
"product": {
"name": "Microsoft Edge 116.0.1938.81",
"product_id": "T029787-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:edge:116.0.1938.81"
}
}
}
],
"category": "product_name",
"name": "Edge"
}
],
"category": "vendor",
"name": "Microsoft"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp ActiveIQ Unified Manager",
"product": {
"name": "NetApp ActiveIQ Unified Manager",
"product_id": "T026333",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:vmware_vsphere"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.10.3",
"product": {
"name": "Open Source Kibana \u003c8.10.3",
"product_id": "T030371"
}
},
{
"category": "product_version",
"name": "8.10.3",
"product": {
"name": "Open Source Kibana 8.10.3",
"product_id": "T030371-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:elasticsearch:kibana:8.10.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.17.14",
"product": {
"name": "Open Source Kibana \u003c7.17.14",
"product_id": "T030372"
}
},
{
"category": "product_version",
"name": "7.17.14",
"product": {
"name": "Open Source Kibana 7.17.14",
"product_id": "T030372-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:elasticsearch:kibana:7.17.14"
}
}
}
],
"category": "product_name",
"name": "Kibana"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.6.2",
"product": {
"name": "Open Source LibreOffice \u003c7.6.2",
"product_id": "T030072"
}
},
{
"category": "product_version",
"name": "7.6.2",
"product": {
"name": "Open Source LibreOffice 7.6.2",
"product_id": "T030072-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:libreoffice:libreoffice:7.6.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.5.7",
"product": {
"name": "Open Source LibreOffice \u003c7.5.7",
"product_id": "T030073"
}
},
{
"category": "product_version",
"name": "7.5.7",
"product": {
"name": "Open Source LibreOffice 7.5.7",
"product_id": "T030073-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:libreoffice:libreoffice:7.5.7"
}
}
}
],
"category": "product_name",
"name": "LibreOffice"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"category": "product_name",
"name": "WatchGuard Firebox",
"product": {
"name": "WatchGuard Firebox",
"product_id": "T030882",
"product_identification_helper": {
"cpe": "cpe:/a:watchguard:firebox:-"
}
}
}
],
"category": "vendor",
"name": "WatchGuard"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-4863",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Google Chrome / Microsoft Edge. Dieser Fehler besteht in der WebP-Komponente aufgrund eines Heap-Puffer\u00fcberlaufs. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code auszuf\u00fchren, indem er einen Benutzer zum Besuch einer b\u00f6sartigen Website verleitet. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T006498",
"T030882",
"T040209",
"67646",
"T040208",
"T040207",
"T040206",
"T004914",
"398363",
"T040211",
"T029775",
"T040210",
"T029774",
"T029061",
"T030073",
"T030072",
"T030372",
"T030371",
"74185",
"T002207",
"T000126",
"T040205",
"T040204",
"T029787",
"T026333"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2023-4863"
},
{
"cve": "CVE-2023-5129",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Google Chrome / Microsoft Edge. Dieser Fehler besteht in der WebP-Komponente aufgrund eines Heap-Puffer\u00fcberlaufs. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code auszuf\u00fchren, indem er einen Benutzer zum Besuch einer b\u00f6sartigen Website verleitet. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T006498",
"T030882",
"T040209",
"67646",
"T040208",
"T040207",
"T040206",
"T004914",
"398363",
"T040211",
"T029775",
"T040210",
"T029774",
"T029061",
"T030073",
"T030072",
"T030372",
"T030371",
"74185",
"T002207",
"T000126",
"T040205",
"T040204",
"T029787",
"T026333"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2023-5129"
}
]
}
WID-SEC-W-2023-2310
Vulnerability from csaf_certbund - Published: 2023-09-12 22:00 - Updated: 2024-01-31 23:00Summary
Google Chrome / Microsoft Edge: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Chrome ist ein Internet-Browser von Google.
Edge ist ein Browser von Microsoft
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Google Chrome / Microsoft Edge ausnutzen, um Sicherheitsvorkehrungen zu umgehen und weitere, nicht näher beschriebene Auswirkungen zu erreichen.
Betroffene Betriebssysteme: - Linux
- MacOS X
- Windows
Google Chrome / Microsoft Edge enthält mehrere Schwachstellen. Die Schwachstellen sind auf eine unsachgemäße Implementierung in den Komponenten "Custom Tabs", "Prompts", "Input", "Custom Mobile Tabs", "Intents", "Picture in Picture" und "Interstitials" sowie auf eine unzureichende Durchsetzung von Richtlinien in den Komponenten "Downloads" und "Autofill" zurückzuführen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen und weitere, nicht näher spezifizierte Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung dieser Schwachstellen ist eine Benutzerinteraktion erforderlich.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Google Chrome / Microsoft Edge enthält mehrere Schwachstellen. Die Schwachstellen sind auf eine unsachgemäße Implementierung in den Komponenten "Custom Tabs", "Prompts", "Input", "Custom Mobile Tabs", "Intents", "Picture in Picture" und "Interstitials" sowie auf eine unzureichende Durchsetzung von Richtlinien in den Komponenten "Downloads" und "Autofill" zurückzuführen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen und weitere, nicht näher spezifizierte Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung dieser Schwachstellen ist eine Benutzerinteraktion erforderlich.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Google Chrome / Microsoft Edge enthält mehrere Schwachstellen. Die Schwachstellen sind auf eine unsachgemäße Implementierung in den Komponenten "Custom Tabs", "Prompts", "Input", "Custom Mobile Tabs", "Intents", "Picture in Picture" und "Interstitials" sowie auf eine unzureichende Durchsetzung von Richtlinien in den Komponenten "Downloads" und "Autofill" zurückzuführen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen und weitere, nicht näher spezifizierte Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung dieser Schwachstellen ist eine Benutzerinteraktion erforderlich.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Google Chrome / Microsoft Edge enthält mehrere Schwachstellen. Die Schwachstellen sind auf eine unsachgemäße Implementierung in den Komponenten "Custom Tabs", "Prompts", "Input", "Custom Mobile Tabs", "Intents", "Picture in Picture" und "Interstitials" sowie auf eine unzureichende Durchsetzung von Richtlinien in den Komponenten "Downloads" und "Autofill" zurückzuführen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen und weitere, nicht näher spezifizierte Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung dieser Schwachstellen ist eine Benutzerinteraktion erforderlich.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Google Chrome / Microsoft Edge enthält mehrere Schwachstellen. Die Schwachstellen sind auf eine unsachgemäße Implementierung in den Komponenten "Custom Tabs", "Prompts", "Input", "Custom Mobile Tabs", "Intents", "Picture in Picture" und "Interstitials" sowie auf eine unzureichende Durchsetzung von Richtlinien in den Komponenten "Downloads" und "Autofill" zurückzuführen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen und weitere, nicht näher spezifizierte Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung dieser Schwachstellen ist eine Benutzerinteraktion erforderlich.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Google Chrome / Microsoft Edge enthält mehrere Schwachstellen. Die Schwachstellen sind auf eine unsachgemäße Implementierung in den Komponenten "Custom Tabs", "Prompts", "Input", "Custom Mobile Tabs", "Intents", "Picture in Picture" und "Interstitials" sowie auf eine unzureichende Durchsetzung von Richtlinien in den Komponenten "Downloads" und "Autofill" zurückzuführen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen und weitere, nicht näher spezifizierte Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung dieser Schwachstellen ist eine Benutzerinteraktion erforderlich.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Google Chrome / Microsoft Edge enthält mehrere Schwachstellen. Die Schwachstellen sind auf eine unsachgemäße Implementierung in den Komponenten "Custom Tabs", "Prompts", "Input", "Custom Mobile Tabs", "Intents", "Picture in Picture" und "Interstitials" sowie auf eine unzureichende Durchsetzung von Richtlinien in den Komponenten "Downloads" und "Autofill" zurückzuführen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen und weitere, nicht näher spezifizierte Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung dieser Schwachstellen ist eine Benutzerinteraktion erforderlich.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Google Chrome / Microsoft Edge enthält mehrere Schwachstellen. Die Schwachstellen sind auf eine unsachgemäße Implementierung in den Komponenten "Custom Tabs", "Prompts", "Input", "Custom Mobile Tabs", "Intents", "Picture in Picture" und "Interstitials" sowie auf eine unzureichende Durchsetzung von Richtlinien in den Komponenten "Downloads" und "Autofill" zurückzuführen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen und weitere, nicht näher spezifizierte Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung dieser Schwachstellen ist eine Benutzerinteraktion erforderlich.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Google Chrome / Microsoft Edge enthält mehrere Schwachstellen. Die Schwachstellen sind auf eine unsachgemäße Implementierung in den Komponenten "Custom Tabs", "Prompts", "Input", "Custom Mobile Tabs", "Intents", "Picture in Picture" und "Interstitials" sowie auf eine unzureichende Durchsetzung von Richtlinien in den Komponenten "Downloads" und "Autofill" zurückzuführen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen und weitere, nicht näher spezifizierte Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung dieser Schwachstellen ist eine Benutzerinteraktion erforderlich.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Google Chrome / Microsoft Edge enthält mehrere Schwachstellen. Die Schwachstellen sind auf eine unsachgemäße Implementierung in den Komponenten "Custom Tabs", "Prompts", "Input", "Custom Mobile Tabs", "Intents", "Picture in Picture" und "Interstitials" sowie auf eine unzureichende Durchsetzung von Richtlinien in den Komponenten "Downloads" und "Autofill" zurückzuführen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen und weitere, nicht näher spezifizierte Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung dieser Schwachstellen ist eine Benutzerinteraktion erforderlich.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Google Chrome / Microsoft Edge enthält mehrere Schwachstellen. Die Schwachstellen sind auf eine unsachgemäße Implementierung in den Komponenten "Custom Tabs", "Prompts", "Input", "Custom Mobile Tabs", "Intents", "Picture in Picture" und "Interstitials" sowie auf eine unzureichende Durchsetzung von Richtlinien in den Komponenten "Downloads" und "Autofill" zurückzuführen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen und weitere, nicht näher spezifizierte Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung dieser Schwachstellen ist eine Benutzerinteraktion erforderlich.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
References
34 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Chrome ist ein Internet-Browser von Google.\r\nEdge ist ein Browser von Microsoft",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Google Chrome / Microsoft Edge ausnutzen, um Sicherheitsvorkehrungen zu umgehen und weitere, nicht n\u00e4her beschriebene Auswirkungen zu erreichen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- MacOS X\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2310 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2310.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2310 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2310"
},
{
"category": "external",
"summary": "Chrome Stable Channel Update for Desktop vom 2023-09-12",
"url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_12.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-D5FAEDE1D6 vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-d5faede1d6"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-509640A8A6 vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-509640a8a6"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-3D1935DC6A vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-3d1935dc6a"
},
{
"category": "external",
"summary": "Release notes for Microsoft Edge Security Updates vom 2023-09-17",
"url": "https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#september-15-2023"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-C66924CB92 vom 2023-09-17",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-c66924cb92"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-3BFB63F6D2 vom 2023-09-17",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-3bfb63f6d2"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-0DE0929147 vom 2023-09-17",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-0de0929147"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-54433BC31F vom 2023-09-17",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-54433bc31f"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5497 vom 2023-09-17",
"url": "https://lists.debian.org/debian-security-announce/2023/msg00191.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-D58A84DDA8 vom 2023-09-17",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-d58a84dda8"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-EA08732E6A vom 2023-09-17",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-ea08732e6a"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-A33B8C01E7 vom 2023-09-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-a33b8c01e7"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5191 vom 2023-09-18",
"url": "https://access.redhat.com/errata/RHSA-2023:5191"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-B427F54E68 vom 2023-09-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-b427f54e68"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5204 vom 2023-09-18",
"url": "https://access.redhat.com/errata/RHSA-2023:5204"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5190 vom 2023-09-18",
"url": "https://access.redhat.com/errata/RHSA-2023:5190"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-79B0154754 vom 2023-09-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-79b0154754"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-05DC047BF8 vom 2023-09-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-05dc047bf8"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-0DF1F37A48 vom 2023-09-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-0df1f37a48"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3570 vom 2023-09-18",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00017.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5499 vom 2023-09-19",
"url": "https://lists.debian.org/debian-security-announce/2023/msg00192.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5189 vom 2023-09-18",
"url": "https://access.redhat.com/errata/RHSA-2023:5189"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-9ABC3565B5 vom 2023-09-24",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-9abc3565b5"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-09CC239FE3 vom 2023-09-24",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-09cc239fe3"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-981E9F53FF vom 2023-09-24",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-981e9f53ff"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-DA064561FA vom 2023-09-24",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-da064561fa"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-C890266D3F vom 2023-09-30",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-c890266d3f"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-CCA1F87440 vom 2023-09-30",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-cca1f87440"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-EDC9C74369 vom 2023-09-30",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-edc9c74369"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-8F3E1B6F78 vom 2023-09-30",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-8f3e1b6f78"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202401-34 vom 2024-01-31",
"url": "https://security.gentoo.org/glsa/202401-34"
}
],
"source_lang": "en-US",
"title": "Google Chrome / Microsoft Edge: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-01-31T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:58:15.458+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-2310",
"initial_release_date": "2023-09-12T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-09-12T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-09-13T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-09-17T22:00:00.000+00:00",
"number": "3",
"summary": "Updates von Microsoft"
},
{
"date": "2023-09-18T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Fedora, Red Hat und Debian aufgenommen"
},
{
"date": "2023-09-24T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-10-01T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2024-01-31T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Gentoo aufgenommen"
}
],
"status": "final",
"version": "7"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Google Chrome \u003c 117.0.5938.62",
"product": {
"name": "Google Chrome \u003c 117.0.5938.62",
"product_id": "T029823",
"product_identification_helper": {
"cpe": "cpe:/a:google:chrome:117.0.5938.62"
}
}
},
{
"category": "product_name",
"name": "Google Chrome \u003c 117.0.5938.63",
"product": {
"name": "Google Chrome \u003c 117.0.5938.63",
"product_id": "T029824",
"product_identification_helper": {
"cpe": "cpe:/a:google:chrome:117.0.5938.63"
}
}
}
],
"category": "product_name",
"name": "Chrome"
}
],
"category": "vendor",
"name": "Google"
},
{
"branches": [
{
"category": "product_name",
"name": "Microsoft Edge \u003c 109.0.1518.140",
"product": {
"name": "Microsoft Edge \u003c 109.0.1518.140",
"product_id": "T029920",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:edge:109.0.1518.140"
}
}
}
],
"category": "vendor",
"name": "Microsoft"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-4909",
"notes": [
{
"category": "description",
"text": "Google Chrome / Microsoft Edge enth\u00e4lt mehrere Schwachstellen. Die Schwachstellen sind auf eine unsachgem\u00e4\u00dfe Implementierung in den Komponenten \"Custom Tabs\", \"Prompts\", \"Input\", \"Custom Mobile Tabs\", \"Intents\", \"Picture in Picture\" und \"Interstitials\" sowie auf eine unzureichende Durchsetzung von Richtlinien in den Komponenten \"Downloads\" und \"Autofill\" zur\u00fcckzuf\u00fchren. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen und weitere, nicht n\u00e4her spezifizierte Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T012167",
"74185"
]
},
"release_date": "2023-09-12T22:00:00.000+00:00",
"title": "CVE-2023-4909"
},
{
"cve": "CVE-2023-4908",
"notes": [
{
"category": "description",
"text": "Google Chrome / Microsoft Edge enth\u00e4lt mehrere Schwachstellen. Die Schwachstellen sind auf eine unsachgem\u00e4\u00dfe Implementierung in den Komponenten \"Custom Tabs\", \"Prompts\", \"Input\", \"Custom Mobile Tabs\", \"Intents\", \"Picture in Picture\" und \"Interstitials\" sowie auf eine unzureichende Durchsetzung von Richtlinien in den Komponenten \"Downloads\" und \"Autofill\" zur\u00fcckzuf\u00fchren. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen und weitere, nicht n\u00e4her spezifizierte Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T012167",
"74185"
]
},
"release_date": "2023-09-12T22:00:00.000+00:00",
"title": "CVE-2023-4908"
},
{
"cve": "CVE-2023-4907",
"notes": [
{
"category": "description",
"text": "Google Chrome / Microsoft Edge enth\u00e4lt mehrere Schwachstellen. Die Schwachstellen sind auf eine unsachgem\u00e4\u00dfe Implementierung in den Komponenten \"Custom Tabs\", \"Prompts\", \"Input\", \"Custom Mobile Tabs\", \"Intents\", \"Picture in Picture\" und \"Interstitials\" sowie auf eine unzureichende Durchsetzung von Richtlinien in den Komponenten \"Downloads\" und \"Autofill\" zur\u00fcckzuf\u00fchren. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen und weitere, nicht n\u00e4her spezifizierte Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T012167",
"74185"
]
},
"release_date": "2023-09-12T22:00:00.000+00:00",
"title": "CVE-2023-4907"
},
{
"cve": "CVE-2023-4906",
"notes": [
{
"category": "description",
"text": "Google Chrome / Microsoft Edge enth\u00e4lt mehrere Schwachstellen. Die Schwachstellen sind auf eine unsachgem\u00e4\u00dfe Implementierung in den Komponenten \"Custom Tabs\", \"Prompts\", \"Input\", \"Custom Mobile Tabs\", \"Intents\", \"Picture in Picture\" und \"Interstitials\" sowie auf eine unzureichende Durchsetzung von Richtlinien in den Komponenten \"Downloads\" und \"Autofill\" zur\u00fcckzuf\u00fchren. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen und weitere, nicht n\u00e4her spezifizierte Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T012167",
"74185"
]
},
"release_date": "2023-09-12T22:00:00.000+00:00",
"title": "CVE-2023-4906"
},
{
"cve": "CVE-2023-4905",
"notes": [
{
"category": "description",
"text": "Google Chrome / Microsoft Edge enth\u00e4lt mehrere Schwachstellen. Die Schwachstellen sind auf eine unsachgem\u00e4\u00dfe Implementierung in den Komponenten \"Custom Tabs\", \"Prompts\", \"Input\", \"Custom Mobile Tabs\", \"Intents\", \"Picture in Picture\" und \"Interstitials\" sowie auf eine unzureichende Durchsetzung von Richtlinien in den Komponenten \"Downloads\" und \"Autofill\" zur\u00fcckzuf\u00fchren. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen und weitere, nicht n\u00e4her spezifizierte Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T012167",
"74185"
]
},
"release_date": "2023-09-12T22:00:00.000+00:00",
"title": "CVE-2023-4905"
},
{
"cve": "CVE-2023-4904",
"notes": [
{
"category": "description",
"text": "Google Chrome / Microsoft Edge enth\u00e4lt mehrere Schwachstellen. Die Schwachstellen sind auf eine unsachgem\u00e4\u00dfe Implementierung in den Komponenten \"Custom Tabs\", \"Prompts\", \"Input\", \"Custom Mobile Tabs\", \"Intents\", \"Picture in Picture\" und \"Interstitials\" sowie auf eine unzureichende Durchsetzung von Richtlinien in den Komponenten \"Downloads\" und \"Autofill\" zur\u00fcckzuf\u00fchren. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen und weitere, nicht n\u00e4her spezifizierte Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T012167",
"74185"
]
},
"release_date": "2023-09-12T22:00:00.000+00:00",
"title": "CVE-2023-4904"
},
{
"cve": "CVE-2023-4903",
"notes": [
{
"category": "description",
"text": "Google Chrome / Microsoft Edge enth\u00e4lt mehrere Schwachstellen. Die Schwachstellen sind auf eine unsachgem\u00e4\u00dfe Implementierung in den Komponenten \"Custom Tabs\", \"Prompts\", \"Input\", \"Custom Mobile Tabs\", \"Intents\", \"Picture in Picture\" und \"Interstitials\" sowie auf eine unzureichende Durchsetzung von Richtlinien in den Komponenten \"Downloads\" und \"Autofill\" zur\u00fcckzuf\u00fchren. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen und weitere, nicht n\u00e4her spezifizierte Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T012167",
"74185"
]
},
"release_date": "2023-09-12T22:00:00.000+00:00",
"title": "CVE-2023-4903"
},
{
"cve": "CVE-2023-4902",
"notes": [
{
"category": "description",
"text": "Google Chrome / Microsoft Edge enth\u00e4lt mehrere Schwachstellen. Die Schwachstellen sind auf eine unsachgem\u00e4\u00dfe Implementierung in den Komponenten \"Custom Tabs\", \"Prompts\", \"Input\", \"Custom Mobile Tabs\", \"Intents\", \"Picture in Picture\" und \"Interstitials\" sowie auf eine unzureichende Durchsetzung von Richtlinien in den Komponenten \"Downloads\" und \"Autofill\" zur\u00fcckzuf\u00fchren. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen und weitere, nicht n\u00e4her spezifizierte Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T012167",
"74185"
]
},
"release_date": "2023-09-12T22:00:00.000+00:00",
"title": "CVE-2023-4902"
},
{
"cve": "CVE-2023-4901",
"notes": [
{
"category": "description",
"text": "Google Chrome / Microsoft Edge enth\u00e4lt mehrere Schwachstellen. Die Schwachstellen sind auf eine unsachgem\u00e4\u00dfe Implementierung in den Komponenten \"Custom Tabs\", \"Prompts\", \"Input\", \"Custom Mobile Tabs\", \"Intents\", \"Picture in Picture\" und \"Interstitials\" sowie auf eine unzureichende Durchsetzung von Richtlinien in den Komponenten \"Downloads\" und \"Autofill\" zur\u00fcckzuf\u00fchren. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen und weitere, nicht n\u00e4her spezifizierte Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T012167",
"74185"
]
},
"release_date": "2023-09-12T22:00:00.000+00:00",
"title": "CVE-2023-4901"
},
{
"cve": "CVE-2023-4900",
"notes": [
{
"category": "description",
"text": "Google Chrome / Microsoft Edge enth\u00e4lt mehrere Schwachstellen. Die Schwachstellen sind auf eine unsachgem\u00e4\u00dfe Implementierung in den Komponenten \"Custom Tabs\", \"Prompts\", \"Input\", \"Custom Mobile Tabs\", \"Intents\", \"Picture in Picture\" und \"Interstitials\" sowie auf eine unzureichende Durchsetzung von Richtlinien in den Komponenten \"Downloads\" und \"Autofill\" zur\u00fcckzuf\u00fchren. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen und weitere, nicht n\u00e4her spezifizierte Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T012167",
"74185"
]
},
"release_date": "2023-09-12T22:00:00.000+00:00",
"title": "CVE-2023-4900"
},
{
"cve": "CVE-2023-4863",
"notes": [
{
"category": "description",
"text": "Google Chrome / Microsoft Edge enth\u00e4lt mehrere Schwachstellen. Die Schwachstellen sind auf eine unsachgem\u00e4\u00dfe Implementierung in den Komponenten \"Custom Tabs\", \"Prompts\", \"Input\", \"Custom Mobile Tabs\", \"Intents\", \"Picture in Picture\" und \"Interstitials\" sowie auf eine unzureichende Durchsetzung von Richtlinien in den Komponenten \"Downloads\" und \"Autofill\" zur\u00fcckzuf\u00fchren. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen und weitere, nicht n\u00e4her spezifizierte Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"67646",
"T012167",
"74185"
]
},
"release_date": "2023-09-12T22:00:00.000+00:00",
"title": "CVE-2023-4863"
}
]
}
WID-SEC-W-2023-2313
Vulnerability from csaf_certbund - Published: 2023-09-12 22:00 - Updated: 2024-02-20 23:00Summary
Mozilla Firefox und Thunderbird: Schwachstelle ermöglicht Codeausführung
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Firefox ist ein Open Source Web Browser.
ESR ist die Variante mit verlängertem Support.
Thunderbird ist ein Open Source E-Mail Client.
Angriff: Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird ausnutzen, um beliebigen Programmcode auszuführen.
Betroffene Betriebssysteme: - Linux
- MacOS X
- Windows
Es besteht eine Schwachstelle in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird. Dieser Fehler besteht in der libwep-Komponente aufgrund eines Heap-Pufferüberlaufs. Ein entfernter, anonymer Angreifer kann diese Schwachstelle zur Ausführung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
Affected products
Known affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
HP LaserJet
HP
|
cpe:/h:hp:laserjet:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:vmware_vsphere
|
— |
Es besteht eine Schwachstelle in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird. Dieser Fehler besteht in der libwep-Komponente aufgrund eines Heap-Pufferüberlaufs. Ein entfernter, anonymer Angreifer kann diese Schwachstelle zur Ausführung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
Affected products
Known affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
HP LaserJet
HP
|
cpe:/h:hp:laserjet:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:vmware_vsphere
|
— |
References
65 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Firefox ist ein Open Source Web Browser. \r\nESR ist die Variante mit verl\u00e4ngertem Support.\r\nThunderbird ist ein Open Source E-Mail Client.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird ausnutzen, um beliebigen Programmcode auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- MacOS X\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2313 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2313.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2313 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2313"
},
{
"category": "external",
"summary": "Mozilla Security Advisory MFSA2023-40 vom 2023-09-12",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-D5FAEDE1D6 vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-d5faede1d6"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-F8319BD876 vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-f8319bd876"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-C4FA8A204D vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-c4fa8a204d"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-3388038193 vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-3388038193"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5497 vom 2023-09-13",
"url": "https://lists.debian.org/debian-security-announce/2023/msg00189.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5496 vom 2023-09-13",
"url": "https://lists.debian.org/debian-security-announce/2023/msg00188.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6367-1 vom 2023-09-14",
"url": "https://ubuntu.com/security/notices/USN-6367-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:3610-1 vom 2023-09-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-September/016157.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:3609-1 vom 2023-09-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-September/016158.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5205 vom 2023-09-18",
"url": "https://access.redhat.com/errata/RHSA-2023:5205"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5188 vom 2023-09-18",
"url": "https://access.redhat.com/errata/RHSA-2023:5188"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5189 vom 2023-09-18",
"url": "https://access.redhat.com/errata/RHSA-2023:5189"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5192 vom 2023-09-18",
"url": "https://access.redhat.com/errata/RHSA-2023:5192"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-5200 vom 2023-09-19",
"url": "https://linux.oracle.com/errata/ELSA-2023-5200.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5191 vom 2023-09-18",
"url": "https://access.redhat.com/errata/RHSA-2023:5191"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5197 vom 2023-09-18",
"url": "https://access.redhat.com/errata/RHSA-2023:5197"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5198 vom 2023-09-18",
"url": "https://access.redhat.com/errata/RHSA-2023:5198"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5201 vom 2023-09-18",
"url": "https://access.redhat.com/errata/RHSA-2023:5201"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5200 vom 2023-09-18",
"url": "https://access.redhat.com/errata/RHSA-2023:5200"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5202 vom 2023-09-18",
"url": "https://access.redhat.com/errata/RHSA-2023:5202"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5204 vom 2023-09-18",
"url": "https://access.redhat.com/errata/RHSA-2023:5204"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-5197 vom 2023-09-19",
"url": "https://linux.oracle.com/errata/ELSA-2023-5197.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-5191 vom 2023-09-19",
"url": "https://linux.oracle.com/errata/ELSA-2023-5191.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-0DF1F37A48 vom 2023-09-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-0df1f37a48"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5187 vom 2023-09-18",
"url": "https://access.redhat.com/errata/RHSA-2023:5187"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5184 vom 2023-09-18",
"url": "https://access.redhat.com/errata/RHSA-2023:5184"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5183 vom 2023-09-18",
"url": "https://access.redhat.com/errata/RHSA-2023:5183"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-5184 vom 2023-09-19",
"url": "https://linux.oracle.com/errata/ELSA-2023-5184.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:3664-1 vom 2023-09-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-September/016188.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5186 vom 2023-09-18",
"url": "https://access.redhat.com/errata/RHSA-2023:5186"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5190 vom 2023-09-18",
"url": "https://access.redhat.com/errata/RHSA-2023:5190"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3570 vom 2023-09-18",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00017.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:3634-1 vom 2023-09-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-September/016176.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5224 vom 2023-09-19",
"url": "https://access.redhat.com/errata/RHSA-2023:5224"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5223 vom 2023-09-19",
"url": "https://access.redhat.com/errata/RHSA-2023:5223"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5222 vom 2023-09-19",
"url": "https://access.redhat.com/errata/RHSA-2023:5222"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5214 vom 2023-09-19",
"url": "https://access.redhat.com/errata/RHSA-2023:5214"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5236 vom 2023-09-19",
"url": "https://access.redhat.com/errata/RHSA-2023:5236"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5309 vom 2023-09-20",
"url": "https://access.redhat.com/errata/RHSA-2023:5309"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-5224 vom 2023-09-20",
"url": "http://linux.oracle.com/errata/ELSA-2023-5224.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-5309 vom 2023-09-20",
"url": "https://linux.oracle.com/errata/ELSA-2023-5309.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-5214 vom 2023-09-20",
"url": "http://linux.oracle.com/errata/ELSA-2023-5214.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-5201 vom 2023-09-20",
"url": "http://linux.oracle.com/errata/ELSA-2023-5201.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-1BCD79CDF6 vom 2023-09-21",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-1bcd79cdf6"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-4211889C5A vom 2023-09-22",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-4211889c5a"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-981E9F53FF vom 2023-09-24",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-981e9f53ff"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:3794-1 vom 2023-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-September/016334.html"
},
{
"category": "external",
"summary": "Important release of LibreOffice",
"url": "https://blog.documentfoundation.org/blog/2023/09/26/lo-762-and-lo-757/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6369-2 vom 2023-09-28",
"url": "https://ubuntu.com/security/notices/USN-6369-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:3829-1 vom 2023-09-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-September/016363.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-2A0668FE43 vom 2023-09-28",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-2a0668fe43"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-E692A72898 vom 2023-09-28",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-e692a72898"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-9108CDA47C vom 2023-09-28",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-9108cda47c"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20230929-0011 vom 2023-09-29",
"url": "https://security.netapp.com/advisory/ntap-20230929-0011/"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-97EEA79ACB vom 2023-10-05",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-97eea79acb"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-0F232991DE vom 2023-10-05",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-0f232991de"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-BBB8D72C6F vom 2023-10-05",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-bbb8d72c6f"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-09EC498A2A vom 2023-10-08",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-09ec498a2a"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASFIREFOX-2023-015 vom 2023-10-18",
"url": "https://alas.aws.amazon.com/AL2/ALASFIREFOX-2023-015.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2023-2291 vom 2023-10-20",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2291.html"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202401-10 vom 2024-01-07",
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"category": "external",
"summary": "HP Security Bulletin HPSBPI03916 vom 2024-02-13",
"url": "https://support.hp.com/us-en/document/ish_10173649-10204798-16/HPSBPI03916"
}
],
"source_lang": "en-US",
"title": "Mozilla Firefox und Thunderbird: Schwachstelle erm\u00f6glicht Codeausf\u00fchrung",
"tracking": {
"current_release_date": "2024-02-20T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:58:16.322+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-2313",
"initial_release_date": "2023-09-12T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-09-12T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-09-13T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Debian und Ubuntu aufgenommen"
},
{
"date": "2023-09-14T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-09-18T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat, Oracle Linux, Fedora, SUSE und Debian aufgenommen"
},
{
"date": "2023-09-19T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-09-20T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2023-09-21T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-09-24T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-09-26T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-09-27T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Ubuntu und SUSE aufgenommen"
},
{
"date": "2023-09-28T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-10-01T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2023-10-04T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-10-08T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-10-17T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-10-19T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-01-07T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2024-02-20T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von HP aufgenommen"
}
],
"status": "final",
"version": "18"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"category": "product_name",
"name": "HP LaserJet",
"product": {
"name": "HP LaserJet",
"product_id": "T029061",
"product_identification_helper": {
"cpe": "cpe:/h:hp:laserjet:-"
}
}
}
],
"category": "vendor",
"name": "HP"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 117.0.1",
"product": {
"name": "Mozilla Firefox \u003c 117.0.1",
"product_id": "T029816"
}
}
],
"category": "product_name",
"name": "Firefox"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 115.2.1",
"product": {
"name": "Mozilla Firefox ESR \u003c 115.2.1",
"product_id": "T029817"
}
},
{
"category": "product_version_range",
"name": "\u003c 102.15.1",
"product": {
"name": "Mozilla Firefox ESR \u003c 102.15.1",
"product_id": "T029818"
}
}
],
"category": "product_name",
"name": "Firefox ESR"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 102.15.1",
"product": {
"name": "Mozilla Thunderbird \u003c 102.15.1",
"product_id": "T029819"
}
},
{
"category": "product_version_range",
"name": "\u003c 115.2.2",
"product": {
"name": "Mozilla Thunderbird \u003c 115.2.2",
"product_id": "T029820"
}
}
],
"category": "product_name",
"name": "Thunderbird"
}
],
"category": "vendor",
"name": "Mozilla"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp ActiveIQ Unified Manager",
"product": {
"name": "NetApp ActiveIQ Unified Manager",
"product_id": "T026333",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:vmware_vsphere"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 7.6.2",
"product": {
"name": "Open Source LibreOffice \u003c 7.6.2",
"product_id": "T030072"
}
},
{
"category": "product_version_range",
"name": "\u003c 7.5.7",
"product": {
"name": "Open Source LibreOffice \u003c 7.5.7",
"product_id": "T030073"
}
}
],
"category": "product_name",
"name": "LibreOffice"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5129",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird. Dieser Fehler besteht in der libwep-Komponente aufgrund eines Heap-Puffer\u00fcberlaufs. Ein entfernter, anonymer Angreifer kann diese Schwachstelle zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T029061",
"398363",
"T012167",
"T004914",
"74185",
"T026333"
]
},
"release_date": "2023-09-12T22:00:00.000+00:00",
"title": "CVE-2023-5129"
},
{
"cve": "CVE-2023-4863",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird. Dieser Fehler besteht in der libwep-Komponente aufgrund eines Heap-Puffer\u00fcberlaufs. Ein entfernter, anonymer Angreifer kann diese Schwachstelle zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T029061",
"398363",
"T012167",
"T004914",
"74185",
"T026333"
]
},
"release_date": "2023-09-12T22:00:00.000+00:00",
"title": "CVE-2023-4863"
}
]
}
WID-SEC-W-2023-2538
Vulnerability from csaf_certbund - Published: 2023-10-03 22:00 - Updated: 2023-10-03 22:00Summary
Mattermost: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Mattermost ist ein webbasierter Instant-Messaging-Dienst.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Mattermost ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen oder beliebigen Programmcode auszuführen.
Betroffene Betriebssysteme: - UNIX
- Linux
- Windows
- Android
- iPhoneOS
Es existiert eine Schwachstelle in Mattermost. Diese besteht in der Komponente libwebp und ist auf einen Heap Overflow zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.
Vulnerability 2
Es existieren mehrere Schwachstellen in Mattermost, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Mattermost ist ein webbasierter Instant-Messaging-Dienst.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Mattermost ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren oder beliebigen Programmcode auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows\n- Android\n- iPhoneOS",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2538 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2538.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2538 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2538"
},
{
"category": "external",
"summary": "Mattermost Security Update vom 2023-10-03",
"url": "https://mattermost.com/security-updates/"
}
],
"source_lang": "en-US",
"title": "Mattermost: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-10-03T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:59:20.409+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-2538",
"initial_release_date": "2023-10-03T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-10-03T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Mattermost Mattermost \u003c v5.5.1",
"product": {
"name": "Mattermost Mattermost \u003c v5.5.1",
"product_id": "T030188",
"product_identification_helper": {
"cpe": "cpe:/a:mattermost:mattermost_server:v5.5.1"
}
}
},
{
"category": "product_name",
"name": "Mattermost Mattermost \u003c v2.8.1",
"product": {
"name": "Mattermost Mattermost \u003c v2.8.1",
"product_id": "T030189",
"product_identification_helper": {
"cpe": "cpe:/a:mattermost:mattermost_server:v2.8.1"
}
}
}
],
"category": "product_name",
"name": "Mattermost"
}
],
"category": "vendor",
"name": "Mattermost"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-4863",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in Mattermost. Diese besteht in der Komponente libwebp und ist auf einen Heap Overflow zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-4863"
},
{
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Mattermost, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"release_date": "2023-10-03T22:00:00.000+00:00"
}
]
}
WID-SEC-W-2023-2548
Vulnerability from csaf_certbund - Published: 2023-10-03 22:00 - Updated: 2023-10-03 22:00Summary
Google Android: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Das Android Betriebssystem ist eine quelloffene Plattform für mobile Geräte. Die Basis bildet der Linux-Kernel.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Google Android ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme: - Android
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android 12L
Google / Android
|
cpe:/o:google:android:12l
|
— | |
|
Google Android 13
Google / Android
|
cpe:/o:google:android:13
|
— | |
|
Google Android 12
Google / Android
|
cpe:/o:google:android:12
|
— | |
|
Google Android 11
Google / Android
|
cpe:/o:google:android:11
|
— |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Das Android Betriebssystem ist eine quelloffene Plattform f\u00fcr mobile Ger\u00e4te. Die Basis bildet der Linux-Kernel.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Google Android ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Android",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2548 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2548.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2548 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2548"
},
{
"category": "external",
"summary": "Android Patchday Oktober 2023 vom 2023-10-03",
"url": "https://source.android.com/docs/security/bulletin/2023-10-01"
}
],
"source_lang": "en-US",
"title": "Google Android: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-10-03T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:59:23.276+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-2548",
"initial_release_date": "2023-10-03T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-10-03T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Google Android 11",
"product": {
"name": "Google Android 11",
"product_id": "T017166",
"product_identification_helper": {
"cpe": "cpe:/o:google:android:11"
}
}
},
{
"category": "product_name",
"name": "Google Android 12",
"product": {
"name": "Google Android 12",
"product_id": "T020881",
"product_identification_helper": {
"cpe": "cpe:/o:google:android:12"
}
}
},
{
"category": "product_name",
"name": "Google Android 13",
"product": {
"name": "Google Android 13",
"product_id": "T029729",
"product_identification_helper": {
"cpe": "cpe:/o:google:android:13"
}
}
},
{
"category": "product_name",
"name": "Google Android 12L",
"product": {
"name": "Google Android 12L",
"product_id": "T030210",
"product_identification_helper": {
"cpe": "cpe:/o:google:android:12l"
}
}
}
],
"category": "product_name",
"name": "Android"
}
],
"category": "vendor",
"name": "Google"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5129",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-5129"
},
{
"cve": "CVE-2023-4863",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-4863"
},
{
"cve": "CVE-2023-4211",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-4211"
},
{
"cve": "CVE-2023-40638",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-40638"
},
{
"cve": "CVE-2023-40140",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-40140"
},
{
"cve": "CVE-2023-40139",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-40139"
},
{
"cve": "CVE-2023-40138",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-40138"
},
{
"cve": "CVE-2023-40137",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-40137"
},
{
"cve": "CVE-2023-40136",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-40136"
},
{
"cve": "CVE-2023-40135",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-40135"
},
{
"cve": "CVE-2023-40134",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-40134"
},
{
"cve": "CVE-2023-40133",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-40133"
},
{
"cve": "CVE-2023-40131",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-40131"
},
{
"cve": "CVE-2023-40130",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-40130"
},
{
"cve": "CVE-2023-40129",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-40129"
},
{
"cve": "CVE-2023-40128",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-40128"
},
{
"cve": "CVE-2023-40127",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-40127"
},
{
"cve": "CVE-2023-40125",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-40125"
},
{
"cve": "CVE-2023-40123",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-40123"
},
{
"cve": "CVE-2023-40121",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-40121"
},
{
"cve": "CVE-2023-40120",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-40120"
},
{
"cve": "CVE-2023-40117",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-40117"
},
{
"cve": "CVE-2023-40116",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-40116"
},
{
"cve": "CVE-2023-34970",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-34970"
},
{
"cve": "CVE-2023-33200",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-33200"
},
{
"cve": "CVE-2023-33035",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-33035"
},
{
"cve": "CVE-2023-33034",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-33034"
},
{
"cve": "CVE-2023-33029",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-33029"
},
{
"cve": "CVE-2023-33028",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-33028"
},
{
"cve": "CVE-2023-33027",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-33027"
},
{
"cve": "CVE-2023-33026",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-33026"
},
{
"cve": "CVE-2023-32820",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-32820"
},
{
"cve": "CVE-2023-32819",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-32819"
},
{
"cve": "CVE-2023-28540",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-28540"
},
{
"cve": "CVE-2023-24855",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-24855"
},
{
"cve": "CVE-2023-24853",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-24853"
},
{
"cve": "CVE-2023-24850",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-24850"
},
{
"cve": "CVE-2023-24849",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-24849"
},
{
"cve": "CVE-2023-24848",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-24848"
},
{
"cve": "CVE-2023-24847",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-24847"
},
{
"cve": "CVE-2023-24844",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-24844"
},
{
"cve": "CVE-2023-24843",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-24843"
},
{
"cve": "CVE-2023-22385",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-22385"
},
{
"cve": "CVE-2023-21673",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-21673"
},
{
"cve": "CVE-2023-21291",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-21291"
},
{
"cve": "CVE-2023-21266",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-21266"
},
{
"cve": "CVE-2023-21253",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-21253"
},
{
"cve": "CVE-2023-21252",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-21252"
},
{
"cve": "CVE-2023-21244",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-21244"
},
{
"cve": "CVE-2023-20819",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2023-20819"
},
{
"cve": "CVE-2022-28348",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2022-28348"
},
{
"cve": "CVE-2021-44828",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Framework\", \"System\", \"Google Play System Updates\", \"ARM components\", \"MediaTek components\", \"Unisoc components\", \"Qualcomm components\" sowie\"Qualcomm closed-source components\". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T030210",
"T029729",
"T020881",
"T017166"
]
},
"release_date": "2023-10-03T22:00:00.000+00:00",
"title": "CVE-2021-44828"
}
]
}
WID-SEC-W-2023-2841
Vulnerability from csaf_certbund - Published: 2023-11-06 23:00 - Updated: 2023-12-05 23:00Summary
Samsung Android: Mehrere Schwachstellen ermöglichen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Das Android Betriebssystem ist eine quelloffene Plattform für mobile Geräte. Die Basis bildet der Linux-Kernel.
Angriff: Ein entfernter Angreifer kann mehrere Schwachstellen in Samsung Android ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren.
Betroffene Betriebssysteme: - Android
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgemäßen Eingabe- und Zertifikatsvalidierung, unsachgemäßer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen.
References
4 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Das Android Betriebssystem ist eine quelloffene Plattform f\u00fcr mobile Ger\u00e4te. Die Basis bildet der Linux-Kernel.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter Angreifer kann mehrere Schwachstellen in Samsung Android ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Android",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2841 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2841.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2841 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2841"
},
{
"category": "external",
"summary": "CISA Known Exploited Vulnerabilities Catalog vom 2023-12-05",
"url": "https://www.cisa.gov/news-events/alerts/2023/12/05/cisa-adds-four-known-exploited-vulnerabilities-catalog"
},
{
"category": "external",
"summary": "Samsung Security Update vom 2023-11-06",
"url": "https://security.samsungmobile.com/securityUpdate.smsb"
}
],
"source_lang": "en-US",
"title": "Samsung Android: Mehrere Schwachstellen erm\u00f6glichen",
"tracking": {
"current_release_date": "2023-12-05T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:01:12.771+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-2841",
"initial_release_date": "2023-11-06T23:00:00.000+00:00",
"revision_history": [
{
"date": "2023-11-06T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-12-05T23:00:00.000+00:00",
"number": "2",
"summary": "Aktive Ausnutzung gemeldet"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Samsung Android \u003c 11 SMR Nov-2023 Release 1",
"product": {
"name": "Samsung Android \u003c 11 SMR Nov-2023 Release 1",
"product_id": "T030954",
"product_identification_helper": {
"cpe": "cpe:/o:samsung:android:11_smr_nov-2023_release_1"
}
}
},
{
"category": "product_name",
"name": "Samsung Android \u003c 12 SMR Nov-2023 Release 1",
"product": {
"name": "Samsung Android \u003c 12 SMR Nov-2023 Release 1",
"product_id": "T030955",
"product_identification_helper": {
"cpe": "cpe:/o:samsung:android:12_smr_nov-2023_release_1"
}
}
},
{
"category": "product_name",
"name": "Samsung Android \u003c 13 SMR Nov-2023 Release 1",
"product": {
"name": "Samsung Android \u003c 13 SMR Nov-2023 Release 1",
"product_id": "T030956",
"product_identification_helper": {
"cpe": "cpe:/o:samsung:android:13_smr_nov-2023_release_1"
}
}
}
],
"category": "product_name",
"name": "Android"
}
],
"category": "vendor",
"name": "Samsung"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-41112",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-41112"
},
{
"cve": "CVE-2023-41111",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-41111"
},
{
"cve": "CVE-2023-40638",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-40638"
},
{
"cve": "CVE-2023-40124",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-40124"
},
{
"cve": "CVE-2023-40115",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-40115"
},
{
"cve": "CVE-2023-40114",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-40114"
},
{
"cve": "CVE-2023-40113",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-40113"
},
{
"cve": "CVE-2023-40112",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-40112"
},
{
"cve": "CVE-2023-40111",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-40111"
},
{
"cve": "CVE-2023-40110",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-40110"
},
{
"cve": "CVE-2023-40109",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-40109"
},
{
"cve": "CVE-2023-40107",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-40107"
},
{
"cve": "CVE-2023-40106",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-40106"
},
{
"cve": "CVE-2023-40105",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-40105"
},
{
"cve": "CVE-2023-40104",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-40104"
},
{
"cve": "CVE-2023-40100",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-40100"
},
{
"cve": "CVE-2023-34970",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-34970"
},
{
"cve": "CVE-2023-33200",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-33200"
},
{
"cve": "CVE-2023-33107",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-33107"
},
{
"cve": "CVE-2023-33106",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-33106"
},
{
"cve": "CVE-2023-33063",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-33063"
},
{
"cve": "CVE-2023-33035",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-33035"
},
{
"cve": "CVE-2023-33034",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-33034"
},
{
"cve": "CVE-2023-33029",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-33029"
},
{
"cve": "CVE-2023-33028",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-33028"
},
{
"cve": "CVE-2023-33027",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-33027"
},
{
"cve": "CVE-2023-33026",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-33026"
},
{
"cve": "CVE-2023-32820",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-32820"
},
{
"cve": "CVE-2023-32819",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-32819"
},
{
"cve": "CVE-2023-30739",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-30739"
},
{
"cve": "CVE-2023-28540",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-28540"
},
{
"cve": "CVE-2023-24855",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-24855"
},
{
"cve": "CVE-2023-24853",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-24853"
},
{
"cve": "CVE-2023-24850",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-24850"
},
{
"cve": "CVE-2023-24849",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-24849"
},
{
"cve": "CVE-2023-24848",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-24848"
},
{
"cve": "CVE-2023-24847",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-24847"
},
{
"cve": "CVE-2023-24844",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-24844"
},
{
"cve": "CVE-2023-24843",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-24843"
},
{
"cve": "CVE-2023-22385",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-22385"
},
{
"cve": "CVE-2023-21673",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-21673"
},
{
"cve": "CVE-2023-21234",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-21234"
},
{
"cve": "CVE-2023-21111",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-21111"
},
{
"cve": "CVE-2023-21103",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-21103"
},
{
"cve": "CVE-2023-20819",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-20819"
},
{
"cve": "CVE-2022-28348",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2022-28348"
},
{
"cve": "CVE-2022-22071",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2022-22071"
},
{
"cve": "CVE-2021-44828",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2021-44828"
},
{
"cve": "CVE-2020-29374",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2020-29374"
},
{
"cve": "CVE-2023-4863",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-4863"
},
{
"cve": "CVE-2023-42538",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-42538"
},
{
"cve": "CVE-2023-42537",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-42537"
},
{
"cve": "CVE-2023-42536",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-42536"
},
{
"cve": "CVE-2023-42535",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-42535"
},
{
"cve": "CVE-2023-42534",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-42534"
},
{
"cve": "CVE-2023-42533",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-42533"
},
{
"cve": "CVE-2023-42532",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-42532"
},
{
"cve": "CVE-2023-42531",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-42531"
},
{
"cve": "CVE-2023-42530",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-42530"
},
{
"cve": "CVE-2023-42529",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-42529"
},
{
"cve": "CVE-2023-42528",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-42528"
},
{
"cve": "CVE-2023-42527",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-42527"
},
{
"cve": "CVE-2023-4211",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Samsung Android. Diese Fehler bestehen in mehreren Komponenten wie SecSettings, SmsController oder der USB-Gadget-Schnittstelle aufgrund einer unsachgem\u00e4\u00dfen Eingabe- und Zertifikatsvalidierung, unsachgem\u00e4\u00dfer Zugriffskontrolle und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige der Schwachstellen erfordern eine Benutzerinteraktion, um sie erfolgreich auszunutzen."
}
],
"release_date": "2023-11-06T23:00:00.000+00:00",
"title": "CVE-2023-4211"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…