Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-6135 (GCVE-0-2023-6135)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2025-02-13 17:26
VLAI
EPSS
Summary
Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.
Severity
No CVSS data available.
CWE
- NSS susceptible to "Minerva" attack
Assigner
References
Impacted products
Credits
George Pantela (Red Hat) and Hubert Kario (Red Hat)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:21:17.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6135",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-27T18:59:00.834131Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T18:59:23.431Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "George Pantela (Red Hat) and Hubert Kario (Red Hat)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Multiple NSS NIST curves were susceptible to a side-channel attack known as \"Minerva\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox \u003c 121."
}
],
"value": "Multiple NSS NIST curves were susceptible to a side-channel attack known as \"Minerva\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox \u003c 121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NSS susceptible to \"Minerva\" attack",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:06:46.915Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6135",
"datePublished": "2023-12-19T13:38:46.388Z",
"dateReserved": "2023-11-14T21:31:12.876Z",
"dateUpdated": "2025-02-13T17:26:05.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-6135",
"date": "2026-05-30",
"epss": "0.00197",
"percentile": "0.41453"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-6135\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2023-12-19T14:15:07.143\",\"lastModified\":\"2024-11-21T08:43:12.387\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple NSS NIST curves were susceptible to a side-channel attack known as \\\"Minerva\\\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox \u003c 121.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples curvas NSS NIST fueron susceptibles a un ataque de canal lateral conocido como \\\"Minerva\\\". Este ataque podr\u00eda permitir potencialmente que un atacante recupere la clave privada. Esta vulnerabilidad afecta a Firefox \u0026lt; 121.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-203\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"121.0\",\"matchCriteriaId\":\"A3D81D72-5965-4DB7-BFA7-9A32A9108919\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1853908\",\"source\":\"security@mozilla.org\",\"tags\":[\"Issue Tracking\",\"Permissions Required\"]},{\"url\":\"https://security.gentoo.org/glsa/202401-10\",\"source\":\"security@mozilla.org\"},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-56/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1853908\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Permissions Required\"]},{\"url\":\"https://security.gentoo.org/glsa/202401-10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-56/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1853908\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-56/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202401-10\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T08:21:17.233Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-6135\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-27T18:59:00.834131Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-27T18:59:18.502Z\"}}], \"cna\": {\"credits\": [{\"lang\": \"en\", \"value\": \"George Pantela (Red Hat) and Hubert Kario (Red Hat)\"}], \"affected\": [{\"vendor\": \"Mozilla\", \"product\": \"Firefox\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"121\", \"versionType\": \"custom\"}]}], \"references\": [{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1853908\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-56/\"}, {\"url\": \"https://security.gentoo.org/glsa/202401-10\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Multiple NSS NIST curves were susceptible to a side-channel attack known as \\\"Minerva\\\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox \u003c 121.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Multiple NSS NIST curves were susceptible to a side-channel attack known as \\\"Minerva\\\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox \u003c 121.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"NSS susceptible to \\\"Minerva\\\" attack\"}]}], \"providerMetadata\": {\"orgId\": \"f16b083a-5664-49f3-a51e-8d479e5ed7fe\", \"shortName\": \"mozilla\", \"dateUpdated\": \"2024-01-07T11:06:46.915Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-6135\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-13T17:26:05.649Z\", \"dateReserved\": \"2023-11-14T21:31:12.876Z\", \"assignerOrgId\": \"f16b083a-5664-49f3-a51e-8d479e5ed7fe\", \"datePublished\": \"2023-12-19T13:38:46.388Z\", \"assignerShortName\": \"mozilla\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
alsa-2024:0786
Vulnerability from osv_almalinux
Published
2024-02-12 00:00
Modified
2024-02-14 10:42
Summary
Moderate: nss security update
Details
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Security Fix(es):
- nss: vulnerable to Minerva side-channel information leak (CVE-2023-6135)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "nss"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.90.0-6.el8_9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "nss-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.90.0-6.el8_9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "nss-softokn"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.90.0-6.el8_9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "nss-softokn-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.90.0-6.el8_9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "nss-softokn-freebl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.90.0-6.el8_9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "nss-softokn-freebl-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.90.0-6.el8_9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "nss-sysinit"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.90.0-6.el8_9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "nss-tools"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.90.0-6.el8_9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "nss-util"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.90.0-6.el8_9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "nss-util-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.90.0-6.el8_9"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nSecurity Fix(es):\n\n* nss: vulnerable to Minerva side-channel information leak (CVE-2023-6135)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"id": "ALSA-2024:0786",
"modified": "2024-02-14T10:42:15Z",
"published": "2024-02-12T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2024:0786"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6135"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2249906"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2024-0786.html"
}
],
"related": [
"CVE-2023-6135"
],
"summary": "Moderate: nss security update"
}
alsa-2024:0790
Vulnerability from osv_almalinux
Published
2024-02-12 00:00
Modified
2024-02-14 10:34
Summary
Moderate: nss security update
Details
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Security Fix(es):
- nss: vulnerable to Minerva side-channel information leak (CVE-2023-6135)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "nspr"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.35.0-6.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "nspr-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.35.0-6.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "nss"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.90.0-6.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "nss-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.90.0-6.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "nss-softokn"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.90.0-6.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "nss-softokn-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.90.0-6.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "nss-softokn-freebl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.90.0-6.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "nss-softokn-freebl-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.90.0-6.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "nss-sysinit"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.90.0-6.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "nss-tools"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.90.0-6.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "nss-util"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.90.0-6.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "nss-util-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.90.0-6.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nSecurity Fix(es):\n\n* nss: vulnerable to Minerva side-channel information leak (CVE-2023-6135)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"id": "ALSA-2024:0790",
"modified": "2024-02-14T10:34:33Z",
"published": "2024-02-12T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2024:0790"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6135"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2249906"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2024-0790.html"
}
],
"related": [
"CVE-2023-6135"
],
"summary": "Moderate: nss security update"
}
Title
Уязвимость службы сетевой безопасности NSS браузера Mozilla Firefox, позволяющая нарушителю получить доступ к конфиденциальной информации
Description
Уязвимость службы сетевой безопасности NSS браузера Mozilla Firefox связана с раскрытием информации через несоответствие. Эксплуатация уязвимости позволяет нарушителю, действующему удаленно, получить доступ к конфиденциальной информации
Severity
Vendor
Mozilla Corp.
Software Name
Firefox
Software Version
до 121 (Firefox)
Possible Mitigations
Использование рекомендаций:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135
Reference
https://cxsecurity.com/cveshow/CVE-2023-6135
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/
https://www.cybersecurity-help.cz/vdb/SB2023121946
CWE
CWE-203
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Mozilla Corp.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 121 (Firefox)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "19.12.2023",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "25.12.2023",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "25.12.2023",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-09056",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-6135",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Firefox",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u044b \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 NSS \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 Mozilla Firefox, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0440\u0430\u0441\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u0439 (CWE-203)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u044b \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 NSS \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 Mozilla Firefox \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0435. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0431\u043e\u0440 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://cxsecurity.com/cveshow/CVE-2023-6135\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2023-56/\nhttps://www.cybersecurity-help.cz/vdb/SB2023121946",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-203",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,4)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,4)"
}
CERTFR-2023-AVI-1048
Vulnerability from certfr_avis - Published: 2023-12-20 - Updated: 2023-12-20
De multiples vulnérabilités ont été découvertes dans les produits Mozilla. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une atteinte à la confidentialité des données, une exécution de code arbitraire à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Mozilla | Firefox | Firefox versions antérieures à 121 | ||
| Mozilla | Thunderbird | Thunderbird versions antérieures à 115.6 | ||
| Mozilla | Firefox ESR | Firefox ESR versions antérieures à 115.6 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Firefox versions ant\u00e9rieures \u00e0 121",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 115.6",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox ESR versions ant\u00e9rieures \u00e0 115.6",
"product": {
"name": "Firefox ESR",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-6867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6867"
},
{
"name": "CVE-2023-6862",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6862"
},
{
"name": "CVE-2023-50762",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50762"
},
{
"name": "CVE-2023-6857",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6857"
},
{
"name": "CVE-2023-6858",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6858"
},
{
"name": "CVE-2023-6869",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6869"
},
{
"name": "CVE-2023-6135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6135"
},
{
"name": "CVE-2023-6865",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6865"
},
{
"name": "CVE-2023-6868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6868"
},
{
"name": "CVE-2023-6861",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6861"
},
{
"name": "CVE-2023-50761",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50761"
},
{
"name": "CVE-2023-6870",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6870"
},
{
"name": "CVE-2023-6871",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6871"
},
{
"name": "CVE-2023-6860",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6860"
},
{
"name": "CVE-2023-6864",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6864"
},
{
"name": "CVE-2023-6863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6863"
},
{
"name": "CVE-2023-6872",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6872"
},
{
"name": "CVE-2023-6859",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6859"
},
{
"name": "CVE-2023-6873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6873"
},
{
"name": "CVE-2023-6856",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6856"
},
{
"name": "CVE-2023-6866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6866"
}
],
"initial_release_date": "2023-12-20T00:00:00",
"last_revision_date": "2023-12-20T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-1048",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-12-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Mozilla\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par\nl\u0027\u00e9diteur, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une ex\u00e9cution\nde code arbitraire \u00e0 distance et un contournement de la politique de\ns\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mozilla",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-56 du 19 d\u00e9cembre 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-54 du 19 d\u00e9cembre 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-55 du 19 d\u00e9cembre 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/"
}
]
}
CERTFR-2024-AVI-0305
Vulnerability from certfr_avis - Published: 2024-04-12 - Updated: 2024-04-12
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
- Sterling Connect:Direct pour UNIX versions 6.1.0.x antérieures à 6.1.0.4.iFix104
- Sterling Connect:Direct pour UNIX versions 6.0.0.x antérieures à 6.0.0.2.iFix163
- Sterling Connect:Direct FTP+ versions antérieures à 1.3.0 sans le correctif de sécurité iFix026
- QRadar App SDK versions 2.2.x antérieures à 2.2.1
- QRadar Deployment Intelligence App versions antérieures à 3.0.13
- Cloud Pak for Security versions 1.10.x.x antérieures à 1.10.20.0
- QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP8 IF01
- QRadar Suite Software versions 1.10.12.x antérieures à 1.10.20.0
- WebSphere Application Server Liberty versions postérieures à 21.0.0.2 et antérieures à 24.0.0.4
- WebSphere Application Server versions 9.x antérieures à 9.0.5.19
- WebSphere Application Server versions postérieures à 8.5.5.2 antérieures à 8.5.5.26
- Sterling B2B Integrator versions 6.0.x.x à 6.1.x.x antérieures à 6.1.2.5
- Sterling B2B Integrator versions 6.2.x.x antérieures à 6.2.0.1
Se référer aux bulletin de l'éditeur pour les versions des fichiers vulnérables (cf. section Documentation).
Impacted products
| Vendor | Product | Description |
|---|
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cul\u003e \u003cli\u003eSterling Connect:Direct pour UNIX versions 6.1.0.x ant\u00e9rieures \u00e0\u00a06.1.0.4.iFix104\u003c/li\u003e \u003cli\u003eSterling Connect:Direct pour UNIX versions 6.0.0.x ant\u00e9rieures \u00e0 6.0.0.2.iFix163\u003c/li\u003e \u003cli\u003eSterling Connect:Direct FTP+ versions ant\u00e9rieures \u00e0 1.3.0 sans le correctif de s\u00e9curit\u00e9 iFix026\u003c/li\u003e \u003cli\u003eQRadar App SDK versions 2.2.x ant\u00e9rieures \u00e0 2.2.1\u003c/li\u003e \u003cli\u003eQRadar Deployment Intelligence App versions ant\u00e9rieures \u00e0 3.0.13\u003c/li\u003e \u003cli\u003eCloud Pak for Security versions 1.10.x.x ant\u00e9rieures \u00e0 1.10.20.0\u003c/li\u003e \u003cli\u003eQRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP8 IF01\u003c/li\u003e \u003cli\u003eQRadar Suite Software versions 1.10.12.x ant\u00e9rieures \u00e0 1.10.20.0\u003c/li\u003e \u003cli\u003eWebSphere Application Server Liberty versions post\u00e9rieures \u00e0 21.0.0.2 et ant\u00e9rieures \u00e0 24.0.0.4\u003c/li\u003e \u003cli\u003eWebSphere Application Server versions 9.x ant\u00e9rieures \u00e0 9.0.5.19\u003c/li\u003e \u003cli\u003eWebSphere Application Server versions post\u00e9rieures \u00e0 8.5.5.2 ant\u00e9rieures \u00e0 8.5.5.26\u003c/li\u003e \u003cli\u003eSterling B2B Integrator versions 6.0.x.x \u00e0 6.1.x.x ant\u00e9rieures \u00e0 6.1.2.5\u003c/li\u003e \u003cli\u003eSterling B2B Integrator versions 6.2.x.x ant\u00e9rieures \u00e0 6.2.0.1\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eSe r\u00e9f\u00e9rer aux bulletin de l\u0027\u00e9diteur pour les versions des fichiers vuln\u00e9rables (cf. section Documentation).\u003c/p\u003e ",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2022-48564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48564"
},
{
"name": "CVE-2024-1597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1597"
},
{
"name": "CVE-2023-43642",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43642"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2023-45857",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45857"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2023-46234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46234"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2021-31525",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31525"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2023-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4091"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2024-22361",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22361"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2023-42669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42669"
},
{
"name": "CVE-2023-2828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2828"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-20569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20569"
},
{
"name": "CVE-2012-0881",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0881"
},
{
"name": "CVE-2019-13224",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13224"
},
{
"name": "CVE-2023-34968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34968"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2019-19204",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19204"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2021-22696",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22696"
},
{
"name": "CVE-2023-42795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42795"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-6135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6135"
},
{
"name": "CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"name": "CVE-2024-22195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22195"
},
{
"name": "CVE-2020-28241",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28241"
},
{
"name": "CVE-2023-45648",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45648"
},
{
"name": "CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"name": "CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"name": "CVE-2023-34967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34967"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2023-3341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3341"
},
{
"name": "CVE-2021-41043",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41043"
},
{
"name": "CVE-2019-16163",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16163"
},
{
"name": "CVE-2023-1786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1786"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2021-30468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30468"
},
{
"name": "CVE-2024-26130",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26130"
},
{
"name": "CVE-2019-19203",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19203"
},
{
"name": "CVE-2023-43804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
},
{
"name": "CVE-2023-33850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
},
{
"name": "CVE-2022-48560",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48560"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2023-42794",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42794"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2022-3094",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3094"
},
{
"name": "CVE-2022-41721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41721"
},
{
"name": "CVE-2022-42920",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42920"
},
{
"name": "CVE-2022-23437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23437"
},
{
"name": "CVE-2023-42465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42465"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2021-33194",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33194"
},
{
"name": "CVE-2024-20932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20932"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2011-4969",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4969"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2022-46329",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46329"
},
{
"name": "CVE-2023-34966",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34966"
},
{
"name": "CVE-2023-26604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26604"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2023-46589",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46589"
},
{
"name": "CVE-2023-32681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2012-6708",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6708"
},
{
"name": "CVE-2022-2127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2127"
},
{
"name": "CVE-2020-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7656"
},
{
"name": "CVE-2019-19012",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19012"
},
{
"name": "CVE-2023-26159",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26159"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2024-22234",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22234"
}
],
"initial_release_date": "2024-04-12T00:00:00",
"last_revision_date": "2024-04-12T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0305",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-04-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147813 du 09 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147813"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148062 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148062"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147943 du 10 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147943"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147903 du 10 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147903"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148094 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148094"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148151 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148151"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148066 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148066"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148158 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148158"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147727 du 08 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147727"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148065 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148065"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148068 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148068"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147728 du 08 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147728"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147944 du 10 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147944"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147726 du 08 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147726"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147923 du 10 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147923"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147812 du 09 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147812"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148063 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148063"
}
]
}
CERTFR-2024-AVI-0506
Vulnerability from certfr_avis - Published: 2024-06-19 - Updated: 2024-06-19
De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Secure Analytics | Secure Analytics versions antérieures à 7.5.0 UP8 IF03 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Secure Analytics versions ant\u00e9rieures \u00e0 7.5.0 UP8 IF03",
"product": {
"name": "Secure Analytics",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2023-1382",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1382"
},
{
"name": "CVE-2023-4732",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4732"
},
{
"name": "CVE-2022-48564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48564"
},
{
"name": "CVE-2019-15505",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15505"
},
{
"name": "CVE-2023-52448",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52448"
},
{
"name": "CVE-2023-3138",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3138"
},
{
"name": "CVE-2023-46813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46813"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2023-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1838"
},
{
"name": "CVE-2023-40551",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40551"
},
{
"name": "CVE-2022-45934",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45934"
},
{
"name": "CVE-2023-28328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28328"
},
{
"name": "CVE-2023-51043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51043"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2023-5633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5633"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2022-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38457"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-45863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45863"
},
{
"name": "CVE-2022-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26691"
},
{
"name": "CVE-2023-6915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6915"
},
{
"name": "CVE-2023-5178",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5178"
},
{
"name": "CVE-2024-26671",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26671"
},
{
"name": "CVE-2023-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
},
{
"name": "CVE-2023-6536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6536"
},
{
"name": "CVE-2023-37453",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37453"
},
{
"name": "CVE-2023-23455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23455"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2020-10001",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10001"
},
{
"name": "CVE-2024-0646",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0646"
},
{
"name": "CVE-2023-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4091"
},
{
"name": "CVE-2023-40283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40283"
},
{
"name": "CVE-2022-45884",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45884"
},
{
"name": "CVE-2023-52489",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52489"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2023-33951",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33951"
},
{
"name": "CVE-2023-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2163"
},
{
"name": "CVE-2023-4133",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4133"
},
{
"name": "CVE-2022-42895",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42895"
},
{
"name": "CVE-2023-4244",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4244"
},
{
"name": "CVE-2022-40133",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40133"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2023-39193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39193"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2024-22243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22243"
},
{
"name": "CVE-2023-45862",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45862"
},
{
"name": "CVE-2023-1989",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1989"
},
{
"name": "CVE-2020-3898",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3898"
},
{
"name": "CVE-2023-51779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51779"
},
{
"name": "CVE-2023-1855",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1855"
},
{
"name": "CVE-2024-28784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28784"
},
{
"name": "CVE-2022-45869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45869"
},
{
"name": "CVE-2023-2513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2513"
},
{
"name": "CVE-2023-4408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4408"
},
{
"name": "CVE-2023-42669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42669"
},
{
"name": "CVE-2023-2828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2828"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-20569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20569"
},
{
"name": "CVE-2023-50961",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50961"
},
{
"name": "CVE-2023-4206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4206"
},
{
"name": "CVE-2023-52340",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52340"
},
{
"name": "CVE-2023-6817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6817"
},
{
"name": "CVE-2023-31084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31084"
},
{
"name": "CVE-2024-26609",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26609"
},
{
"name": "CVE-2022-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45919"
},
{
"name": "CVE-2019-13224",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13224"
},
{
"name": "CVE-2022-41858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41858"
},
{
"name": "CVE-2023-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
},
{
"name": "CVE-2023-4128",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4128"
},
{
"name": "CVE-2023-34968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34968"
},
{
"name": "CVE-2023-31436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
},
{
"name": "CVE-2001-1267",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1267"
},
{
"name": "CVE-2023-1074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1074"
},
{
"name": "CVE-2019-19204",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19204"
},
{
"name": "CVE-2023-42753",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42753"
},
{
"name": "CVE-2023-4921",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4921"
},
{
"name": "CVE-2024-22262",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22262"
},
{
"name": "CVE-2023-33203",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33203"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2023-3812",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3812"
},
{
"name": "CVE-2023-32360",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32360"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2023-39189",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39189"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2024-27269",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27269"
},
{
"name": "CVE-2023-38409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38409"
},
{
"name": "CVE-2021-43975",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43975"
},
{
"name": "CVE-2023-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4207"
},
{
"name": "CVE-2018-19787",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19787"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-6135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6135"
},
{
"name": "CVE-2023-6356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6356"
},
{
"name": "CVE-2023-39198",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39198"
},
{
"name": "CVE-2024-1488",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1488"
},
{
"name": "CVE-2023-1252",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1252"
},
{
"name": "CVE-2021-3753",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3753"
},
{
"name": "CVE-2022-3545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3545"
},
{
"name": "CVE-2020-28241",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28241"
},
{
"name": "CVE-2023-2176",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2176"
},
{
"name": "CVE-2023-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2162"
},
{
"name": "CVE-2023-1079",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1079"
},
{
"name": "CVE-2022-36402",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36402"
},
{
"name": "CVE-2023-33952",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33952"
},
{
"name": "CVE-2023-32324",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32324"
},
{
"name": "CVE-2014-3146",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3146"
},
{
"name": "CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"name": "CVE-2023-3758",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3758"
},
{
"name": "CVE-2023-3772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3772"
},
{
"name": "CVE-2023-34967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34967"
},
{
"name": "CVE-2022-4744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4744"
},
{
"name": "CVE-2023-40546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40546"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2023-3161",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3161"
},
{
"name": "CVE-2023-28464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28464"
},
{
"name": "CVE-2023-3341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3341"
},
{
"name": "CVE-2023-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3567"
},
{
"name": "CVE-2021-41043",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41043"
},
{
"name": "CVE-2023-35824",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35824"
},
{
"name": "CVE-2023-45871",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45871"
},
{
"name": "CVE-2023-1998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1998"
},
{
"name": "CVE-2023-28772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28772"
},
{
"name": "CVE-2023-52580",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52580"
},
{
"name": "CVE-2022-40982",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40982"
},
{
"name": "CVE-2019-16163",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16163"
},
{
"name": "CVE-2023-1786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1786"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2023-1075",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1075"
},
{
"name": "CVE-2023-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3609"
},
{
"name": "CVE-2023-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4155"
},
{
"name": "CVE-2023-4208",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4208"
},
{
"name": "CVE-2023-35823",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35823"
},
{
"name": "CVE-2023-52574",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52574"
},
{
"name": "CVE-2022-3565",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3565"
},
{
"name": "CVE-2023-31083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31083"
},
{
"name": "CVE-2023-26545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26545"
},
{
"name": "CVE-2022-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3640"
},
{
"name": "CVE-2023-6176",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6176"
},
{
"name": "CVE-2022-45887",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45887"
},
{
"name": "CVE-2023-6535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6535"
},
{
"name": "CVE-2023-25012",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25012"
},
{
"name": "CVE-2022-0500",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0500"
},
{
"name": "CVE-2024-0841",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0841"
},
{
"name": "CVE-2019-19203",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19203"
},
{
"name": "CVE-2023-1118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
},
{
"name": "CVE-2023-43804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
},
{
"name": "CVE-2020-25656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25656"
},
{
"name": "CVE-2022-48560",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48560"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2022-3594",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3594"
},
{
"name": "CVE-2023-51780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51780"
},
{
"name": "CVE-2023-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52434"
},
{
"name": "CVE-2023-34241",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34241"
},
{
"name": "CVE-2022-3094",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3094"
},
{
"name": "CVE-2024-25742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25742"
},
{
"name": "CVE-2024-25743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25743"
},
{
"name": "CVE-2022-38096",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38096"
},
{
"name": "CVE-2023-4622",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4622"
},
{
"name": "CVE-2019-8696",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8696"
},
{
"name": "CVE-2024-26602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26602"
},
{
"name": "CVE-2023-3141",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3141"
},
{
"name": "CVE-2021-4204",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4204"
},
{
"name": "CVE-2022-28388",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28388"
},
{
"name": "CVE-2023-30456",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
},
{
"name": "CVE-2023-42465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42465"
},
{
"name": "CVE-2023-39192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39192"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2023-6606",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6606"
},
{
"name": "CVE-2023-39194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39194"
},
{
"name": "CVE-2023-52620",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52620"
},
{
"name": "CVE-2023-24023",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24023"
},
{
"name": "CVE-2023-6932",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6932"
},
{
"name": "CVE-2023-0458",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0458"
},
{
"name": "CVE-2023-1073",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1073"
},
{
"name": "CVE-2023-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3212"
},
{
"name": "CVE-2021-33631",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33631"
},
{
"name": "CVE-2023-50387",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50387"
},
{
"name": "CVE-2023-40549",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40549"
},
{
"name": "CVE-2023-1513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1513"
},
{
"name": "CVE-2022-48624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48624"
},
{
"name": "CVE-2011-4969",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4969"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2023-40548",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40548"
},
{
"name": "CVE-2023-0597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0597"
},
{
"name": "CVE-2024-22259",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22259"
},
{
"name": "CVE-2022-46329",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46329"
},
{
"name": "CVE-2023-34966",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34966"
},
{
"name": "CVE-2023-26604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26604"
},
{
"name": "CVE-2023-6546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6546"
},
{
"name": "CVE-2023-7192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7192"
},
{
"name": "CVE-2023-4132",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4132"
},
{
"name": "CVE-2022-26377",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26377"
},
{
"name": "CVE-2023-52581",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52581"
},
{
"name": "CVE-2023-40550",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40550"
},
{
"name": "CVE-2019-13631",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13631"
},
{
"name": "CVE-2024-1086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1086"
},
{
"name": "CVE-2023-1206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1206"
},
{
"name": "CVE-2024-0565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0565"
},
{
"name": "CVE-2019-8675",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8675"
},
{
"name": "CVE-2023-4623",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4623"
},
{
"name": "CVE-2023-51042",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51042"
},
{
"name": "CVE-2023-42755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42755"
},
{
"name": "CVE-2023-0590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0590"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2023-50960",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50960"
},
{
"name": "CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2023-3268",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3268"
},
{
"name": "CVE-2023-25775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25775"
},
{
"name": "CVE-2012-6708",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6708"
},
{
"name": "CVE-2022-2127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2127"
},
{
"name": "CVE-2020-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7656"
},
{
"name": "CVE-2023-5717",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5717"
},
{
"name": "CVE-2019-19012",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19012"
},
{
"name": "CVE-2020-27783",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27783"
},
{
"name": "CVE-2023-6622",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6622"
},
{
"name": "CVE-2021-43818",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43818"
},
{
"name": "CVE-2022-23222",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23222"
},
{
"name": "CVE-2023-6121",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6121"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2023-2166",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2166"
},
{
"name": "CVE-2023-1192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1192"
},
{
"name": "CVE-2023-40547",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40547"
},
{
"name": "CVE-2023-6931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6931"
},
{
"name": "CVE-2023-6610",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6610"
},
{
"name": "CVE-2023-42754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42754"
}
],
"initial_release_date": "2024-06-19T00:00:00",
"last_revision_date": "2024-06-19T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0506",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-06-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Juniper Secure Analytics",
"vendor_advisories": [
{
"published_at": "2024-06-19",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82681",
"url": "https://supportportal.juniper.net/s/article/On-Demand-JSA-Series-Multiple-vulnerabilities-resolved-in-Juniper-Secure-Analytics-in-7-5-0-UP8-IF03"
}
]
}
FKIE_CVE-2023-6135
Vulnerability from fkie_nvd - Published: 2023-12-19 14:15 - Updated: 2024-11-21 08:43
Severity
Summary
Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.
References
| URL | Tags | ||
|---|---|---|---|
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=1853908 | Issue Tracking, Permissions Required | |
| security@mozilla.org | https://security.gentoo.org/glsa/202401-10 | ||
| security@mozilla.org | https://www.mozilla.org/security/advisories/mfsa2023-56/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=1853908 | Issue Tracking, Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202401-10 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.mozilla.org/security/advisories/mfsa2023-56/ | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3D81D72-5965-4DB7-BFA7-9A32A9108919",
"versionEndExcluding": "121.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple NSS NIST curves were susceptible to a side-channel attack known as \"Minerva\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox \u003c 121."
},
{
"lang": "es",
"value": "M\u00faltiples curvas NSS NIST fueron susceptibles a un ataque de canal lateral conocido como \"Minerva\". Este ataque podr\u00eda permitir potencialmente que un atacante recupere la clave privada. Esta vulnerabilidad afecta a Firefox \u0026lt; 121."
}
],
"id": "CVE-2023-6135",
"lastModified": "2024-11-21T08:43:12.387",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-19T14:15:07.143",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Permissions Required"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908"
},
{
"source": "security@mozilla.org",
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Permissions Required"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-JXV6-M6PM-CQH2
Vulnerability from github – Published: 2023-12-19 15:30 – Updated: 2023-12-22 12:31
VLAI
Details
Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.
Severity
4.3 (Medium)
{
"affected": [],
"aliases": [
"CVE-2023-6135"
],
"database_specific": {
"cwe_ids": [
"CWE-203"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-12-19T14:15:07Z",
"severity": "MODERATE"
},
"details": "Multiple NSS NIST curves were susceptible to a side-channel attack known as \"Minerva\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox \u003c 121.",
"id": "GHSA-jxv6-m6pm-cqh2",
"modified": "2023-12-22T12:31:46Z",
"published": "2023-12-19T15:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6135"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GSD-2023-6135
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-6135",
"id": "GSD-2023-6135"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-6135"
],
"details": "Multiple NSS NIST curves were susceptible to a side-channel attack known as \"Minerva\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox \u003c 121.",
"id": "GSD-2023-6135",
"modified": "2023-12-13T01:20:32.950880Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2023-6135",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "unspecified",
"version_value": "121"
}
]
}
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"credits": [
{
"lang": "en",
"value": "George Pantela (Red Hat) and Hubert Kario (Red Hat)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple NSS NIST curves were susceptible to a side-channel attack known as \"Minerva\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox \u003c 121."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NSS susceptible to \"Minerva\" attack"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2023-56/",
"refsource": "MISC",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"name": "https://security.gentoo.org/glsa/202401-10",
"refsource": "MISC",
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3D81D72-5965-4DB7-BFA7-9A32A9108919",
"versionEndExcluding": "121.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple NSS NIST curves were susceptible to a side-channel attack known as \"Minerva\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox \u003c 121."
},
{
"lang": "es",
"value": "M\u00faltiples curvas NSS NIST fueron susceptibles a un ataque de canal lateral conocido como \"Minerva\". Este ataque podr\u00eda permitir potencialmente que un atacante recupere la clave privada. Esta vulnerabilidad afecta a Firefox \u0026lt; 121."
}
],
"id": "CVE-2023-6135",
"lastModified": "2024-01-07T11:15:14.493",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-19T14:15:07.143",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Permissions Required"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908"
},
{
"source": "security@mozilla.org",
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
}
}
}
OPENSUSE-SU-2024:13531-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
MozillaFirefox-121.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: MozillaFirefox-121.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the MozillaFirefox-121.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13531
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.1 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
56 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://www.suse.com/security/cve/CVE-2023-6135/ | self |
| https://www.suse.com/security/cve/CVE-2023-6856/ | self |
| https://www.suse.com/security/cve/CVE-2023-6857/ | self |
| https://www.suse.com/security/cve/CVE-2023-6858/ | self |
| https://www.suse.com/security/cve/CVE-2023-6859/ | self |
| https://www.suse.com/security/cve/CVE-2023-6860/ | self |
| https://www.suse.com/security/cve/CVE-2023-6861/ | self |
| https://www.suse.com/security/cve/CVE-2023-6863/ | self |
| https://www.suse.com/security/cve/CVE-2023-6864/ | self |
| https://www.suse.com/security/cve/CVE-2023-6865/ | self |
| https://www.suse.com/security/cve/CVE-2023-6866/ | self |
| https://www.suse.com/security/cve/CVE-2023-6867/ | self |
| https://www.suse.com/security/cve/CVE-2023-6868/ | self |
| https://www.suse.com/security/cve/CVE-2023-6869/ | self |
| https://www.suse.com/security/cve/CVE-2023-6870/ | self |
| https://www.suse.com/security/cve/CVE-2023-6871/ | self |
| https://www.suse.com/security/cve/CVE-2023-6872/ | self |
| https://www.suse.com/security/cve/CVE-2023-6873/ | self |
| https://www.suse.com/security/cve/CVE-2023-6135 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6856 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6857 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6858 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6859 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6860 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6861 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6863 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6864 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6865 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6866 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6867 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6868 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6869 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6870 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6871 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6872 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6873 | external |
| https://bugzilla.suse.com/1217974 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "MozillaFirefox-121.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the MozillaFirefox-121.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13531",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13531-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6135 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6856 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6857 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6858 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6859 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6860 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6861 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6863 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6864 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6865 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6866 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6867 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6868 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6869 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6870 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6871 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6872 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6873 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6873/"
}
],
"title": "MozillaFirefox-121.0-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13531-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-121.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-121.0-1.1.aarch64",
"product_id": "MozillaFirefox-121.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"product_id": "MozillaFirefox-branding-upstream-121.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-121.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-devel-121.0-1.1.aarch64",
"product_id": "MozillaFirefox-devel-121.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-121.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-common-121.0-1.1.aarch64",
"product_id": "MozillaFirefox-translations-common-121.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-121.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-other-121.0-1.1.aarch64",
"product_id": "MozillaFirefox-translations-other-121.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-121.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-121.0-1.1.ppc64le",
"product_id": "MozillaFirefox-121.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"product_id": "MozillaFirefox-branding-upstream-121.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-121.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-devel-121.0-1.1.ppc64le",
"product_id": "MozillaFirefox-devel-121.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"product_id": "MozillaFirefox-translations-common-121.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"product_id": "MozillaFirefox-translations-other-121.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-121.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-121.0-1.1.s390x",
"product_id": "MozillaFirefox-121.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"product_id": "MozillaFirefox-branding-upstream-121.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-121.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-devel-121.0-1.1.s390x",
"product_id": "MozillaFirefox-devel-121.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-121.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-translations-common-121.0-1.1.s390x",
"product_id": "MozillaFirefox-translations-common-121.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-121.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-translations-other-121.0-1.1.s390x",
"product_id": "MozillaFirefox-translations-other-121.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-121.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-121.0-1.1.x86_64",
"product_id": "MozillaFirefox-121.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"product_id": "MozillaFirefox-branding-upstream-121.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-121.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-devel-121.0-1.1.x86_64",
"product_id": "MozillaFirefox-devel-121.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-121.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-common-121.0-1.1.x86_64",
"product_id": "MozillaFirefox-translations-common-121.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-121.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-other-121.0-1.1.x86_64",
"product_id": "MozillaFirefox-translations-other-121.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-121.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-121.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-121.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-121.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-121.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-121.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-121.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-121.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-121.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-devel-121.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-121.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-devel-121.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-121.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-devel-121.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-121.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-121.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-121.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-common-121.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-121.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-121.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-translations-common-121.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-121.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-121.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-121.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-other-121.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-121.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-121.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-translations-other-121.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-121.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-other-121.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-6135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6135"
}
],
"notes": [
{
"category": "general",
"text": "Multiple NSS NIST curves were susceptible to a side-channel attack known as \"Minerva\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6135",
"url": "https://www.suse.com/security/cve/CVE-2023-6135"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6135",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6135"
},
{
"cve": "CVE-2023-6856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6856"
}
],
"notes": [
{
"category": "general",
"text": "The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6856",
"url": "https://www.suse.com/security/cve/CVE-2023-6856"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6856",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6856"
},
{
"cve": "CVE-2023-6857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6857"
}
],
"notes": [
{
"category": "general",
"text": "When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. \n*This bug only affects Firefox on Unix-based operating systems (Android, Linux, MacOS). Windows is unaffected.* This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6857",
"url": "https://www.suse.com/security/cve/CVE-2023-6857"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6857",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6857"
},
{
"cve": "CVE-2023-6858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6858"
}
],
"notes": [
{
"category": "general",
"text": "Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6858",
"url": "https://www.suse.com/security/cve/CVE-2023-6858"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6858",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6858"
},
{
"cve": "CVE-2023-6859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6859"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6859",
"url": "https://www.suse.com/security/cve/CVE-2023-6859"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6859",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6859"
},
{
"cve": "CVE-2023-6860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6860"
}
],
"notes": [
{
"category": "general",
"text": "The `VideoBridge` allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6860",
"url": "https://www.suse.com/security/cve/CVE-2023-6860"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6860",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6860"
},
{
"cve": "CVE-2023-6861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6861"
}
],
"notes": [
{
"category": "general",
"text": "The `nsWindow::PickerOpen(void)` method was susceptible to a heap buffer overflow when running in headless mode. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6861",
"url": "https://www.suse.com/security/cve/CVE-2023-6861"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6861",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6861"
},
{
"cve": "CVE-2023-6863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6863"
}
],
"notes": [
{
"category": "general",
"text": "The `ShutdownObserver()` was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6863",
"url": "https://www.suse.com/security/cve/CVE-2023-6863"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6863",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6863"
},
{
"cve": "CVE-2023-6864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6864"
}
],
"notes": [
{
"category": "general",
"text": "Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6864",
"url": "https://www.suse.com/security/cve/CVE-2023-6864"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6864",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6864"
},
{
"cve": "CVE-2023-6865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6865"
}
],
"notes": [
{
"category": "general",
"text": "`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6865",
"url": "https://www.suse.com/security/cve/CVE-2023-6865"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6865",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6865"
},
{
"cve": "CVE-2023-6866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6866"
}
],
"notes": [
{
"category": "general",
"text": "TypedArrays can be fallible and lacked proper exception handling. This could lead to abuse in other APIs which expect TypedArrays to always succeed. This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6866",
"url": "https://www.suse.com/security/cve/CVE-2023-6866"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6866",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6866"
},
{
"cve": "CVE-2023-6867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6867"
}
],
"notes": [
{
"category": "general",
"text": "The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6867",
"url": "https://www.suse.com/security/cve/CVE-2023-6867"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6867",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6867"
},
{
"cve": "CVE-2023-6868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6868"
}
],
"notes": [
{
"category": "general",
"text": "In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthorized parties.\n*This bug only affects Firefox on Android.* This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6868",
"url": "https://www.suse.com/security/cve/CVE-2023-6868"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6868",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6868"
},
{
"cve": "CVE-2023-6869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6869"
}
],
"notes": [
{
"category": "general",
"text": "A `\u0026lt;dialog\u003e` element could have been manipulated to paint content outside of a sandboxed iframe. This could allow untrusted content to display under the guise of trusted content. This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6869",
"url": "https://www.suse.com/security/cve/CVE-2023-6869"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6869",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6869"
},
{
"cve": "CVE-2023-6870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6870"
}
],
"notes": [
{
"category": "general",
"text": "Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox. \n*This issue only affects Android versions of Firefox and Firefox Focus.* This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6870",
"url": "https://www.suse.com/security/cve/CVE-2023-6870"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6870",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6870"
},
{
"cve": "CVE-2023-6871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6871"
}
],
"notes": [
{
"category": "general",
"text": "Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6871",
"url": "https://www.suse.com/security/cve/CVE-2023-6871"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6871",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6871"
},
{
"cve": "CVE-2023-6872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6872"
}
],
"notes": [
{
"category": "general",
"text": "Browser tab titles were being leaked by GNOME to system logs. This could potentially expose the browsing habits of users running in a private tab. This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6872",
"url": "https://www.suse.com/security/cve/CVE-2023-6872"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6872",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6872"
},
{
"cve": "CVE-2023-6873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6873"
}
],
"notes": [
{
"category": "general",
"text": "Memory safety bugs present in Firefox 120. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6873",
"url": "https://www.suse.com/security/cve/CVE-2023-6873"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6873",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6873"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…