Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-5158 (GCVE-0-2018-5158)
Vulnerability from cvelistv5
- Malicious PDF can inject JavaScript into PDF Viewer
Vendor | Product | Version | |||||||
---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox ESR |
Version: unspecified < 52.8 |
||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T05:26:47.026Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2018:1415", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1415" }, { "name": "GLSA-201810-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201810-01" }, { "name": "RHSA-2018:1414", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1414" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2018-11/" }, { "name": "1040896", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1040896" }, { "name": "DSA-4199", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2018/dsa-4199" }, { "name": "USN-3645-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3645-1/" }, { "name": "[debian-lts-announce] 20180511 [SECURITY] [DLA 1376-1] firefox-esr security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1452075" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2018-12/" }, { "name": "104136", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/104136" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "52.8", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "60", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "datePublic": "2018-05-09T00:00:00", "descriptions": [ { "lang": "en", "value": "The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60." } ], "problemTypes": [ { "descriptions": [ { "description": "Malicious PDF can inject JavaScript into PDF Viewer", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-20T09:57:01", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "name": "RHSA-2018:1415", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1415" }, { "name": "GLSA-201810-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201810-01" }, { "name": "RHSA-2018:1414", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1414" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.mozilla.org/security/advisories/mfsa2018-11/" }, { "name": "1040896", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1040896" }, { "name": "DSA-4199", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2018/dsa-4199" }, { "name": "USN-3645-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3645-1/" }, { "name": "[debian-lts-announce] 20180511 [SECURITY] [DLA 1376-1] firefox-esr security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1452075" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.mozilla.org/security/advisories/mfsa2018-12/" }, { "name": "104136", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/104136" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@mozilla.org", "ID": "CVE-2018-5158", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Firefox ESR", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "52.8" } ] } }, { "product_name": "Firefox", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "60" } ] } } ] }, "vendor_name": "Mozilla" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Malicious PDF can inject JavaScript into PDF Viewer" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2018:1415", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1415" }, { "name": "GLSA-201810-01", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201810-01" }, { "name": "RHSA-2018:1414", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1414" }, { "name": "https://www.mozilla.org/security/advisories/mfsa2018-11/", "refsource": "CONFIRM", "url": "https://www.mozilla.org/security/advisories/mfsa2018-11/" }, { "name": "1040896", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040896" }, { "name": "DSA-4199", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4199" }, { "name": "USN-3645-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3645-1/" }, { "name": "[debian-lts-announce] 20180511 [SECURITY] [DLA 1376-1] firefox-esr security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html" }, { "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1452075", "refsource": "CONFIRM", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1452075" }, { "name": "https://www.mozilla.org/security/advisories/mfsa2018-12/", "refsource": "CONFIRM", "url": "https://www.mozilla.org/security/advisories/mfsa2018-12/" }, { "name": "104136", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104136" } ] } } } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2018-5158", "datePublished": "2018-06-11T21:00:00", "dateReserved": "2018-01-03T00:00:00", "dateUpdated": "2024-08-05T05:26:47.026Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2018-5158\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2018-06-11T21:29:15.280\",\"lastModified\":\"2024-11-21T04:08:14.037\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.\"},{\"lang\":\"es\",\"value\":\"El visor de PDF no sanea suficientemente las funciones de la calculadora PostScript, lo que permite inyectar JavaScript malicioso a trav\u00e9s de un archivo PDF manipulado. Este JavaScript puede ser ejecutado por su worker con los permisos del visor de PDF. Esta vulnerabilidad afecta a las versiones anteriores a la 52.8 de Firefox ESR y las versiones anteriores a la 60 de Firefox.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C068A4-3780-4EAB-A937-6082DF847564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBCD86A-E6C7-4444-9D74-F861084090F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B353CE99-D57C-465B-AAB0-73EF581127D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF77CDCF-B9C9-427D-B2BF-36650FB2148C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B76AA310-FEC7-497F-AF04-C3EC1E76C4CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"60.0\",\"matchCriteriaId\":\"1AD89C37-DC57-40D3-80CE-5126A6C142E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"52.8.0\",\"matchCriteriaId\":\"8C5C0488-40EF-4034-8F6D-6BFFF4B379F8\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9070C9D8-A14A-467F-8253-33B966C16886\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/104136\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1040896\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1414\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1415\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1452075\",\"source\":\"security@mozilla.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201810-01\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3645-1/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4199\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2018-11/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2018-12/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/104136\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1040896\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1414\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1415\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1452075\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201810-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3645-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4199\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2018-11/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2018-12/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}" } }
rhsa-2018:1414
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for firefox is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 52.8.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155)\n\n* Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files (CVE-2018-5157)\n\n* Mozilla: Malicious PDF can inject JavaScript into PDF Viewer (CVE-2018-5158)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Wladimir Palant, Ivan Fratric, and Root Object as the original reporters.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:1414", "url": "https://access.redhat.com/errata/RHSA-2018:1414" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/" }, { "category": "external", "summary": "1576250", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250" }, { "category": "external", "summary": "1576255", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255" }, { "category": "external", "summary": "1576257", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257" }, { "category": "external", "summary": "1576258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576258" }, { "category": "external", "summary": "1576259", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576259" }, { "category": "external", "summary": "1576260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260" }, { "category": "external", "summary": "1576269", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269" }, { "category": "external", "summary": "1576278", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278" }, { "category": "external", "summary": "1576283", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1414.json" } ], "title": "Red Hat Security Advisory: firefox security update", "tracking": { "current_release_date": "2024-11-22T11:58:04+00:00", "generator": { "date": "2024-11-22T11:58:04+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:1414", "initial_release_date": "2018-05-14T14:48:05+00:00", "revision_history": [ { "date": "2018-05-14T14:48:05+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-05-14T14:48:05+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T11:58:04+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=x86_64" } } }, { "category": "product_version", "name": "firefox-0:52.8.0-1.el6_9.x86_64", "product": { "name": "firefox-0:52.8.0-1.el6_9.x86_64", "product_id": "firefox-0:52.8.0-1.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=i686" } } }, { "category": "product_version", "name": "firefox-0:52.8.0-1.el6_9.i686", "product": { "name": "firefox-0:52.8.0-1.el6_9.i686", "product_id": "firefox-0:52.8.0-1.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el6_9.src", "product": { "name": "firefox-0:52.8.0-1.el6_9.src", "product_id": "firefox-0:52.8.0-1.el6_9.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=ppc" } } }, { "category": "product_version", "name": "firefox-0:52.8.0-1.el6_9.ppc", "product": { "name": "firefox-0:52.8.0-1.el6_9.ppc", "product_id": "firefox-0:52.8.0-1.el6_9.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=ppc" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=s390" } } }, { "category": "product_version", "name": "firefox-0:52.8.0-1.el6_9.s390", "product": { "name": "firefox-0:52.8.0-1.el6_9.s390", "product_id": "firefox-0:52.8.0-1.el6_9.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=s390" } } } ], "category": "architecture", "name": "s390" }, { "branches": [ { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=s390x" } } }, { "category": "product_version", "name": "firefox-0:52.8.0-1.el6_9.s390x", "product": { "name": "firefox-0:52.8.0-1.el6_9.s390x", "product_id": "firefox-0:52.8.0-1.el6_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=ppc64" } } }, { "category": "product_version", "name": "firefox-0:52.8.0-1.el6_9.ppc64", "product": { "name": "firefox-0:52.8.0-1.el6_9.ppc64", "product_id": "firefox-0:52.8.0-1.el6_9.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=ppc64" } } } ], "category": "architecture", "name": "ppc64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src" }, "product_reference": "firefox-0:52.8.0-1.el6_9.src", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src" }, "product_reference": "firefox-0:52.8.0-1.el6_9.src", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src" }, "product_reference": "firefox-0:52.8.0-1.el6_9.src", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src" }, "product_reference": "firefox-0:52.8.0-1.el6_9.src", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src" }, "product_reference": "firefox-0:52.8.0-1.el6_9.src", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src" }, "product_reference": "firefox-0:52.8.0-1.el6_9.src", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src" }, "product_reference": "firefox-0:52.8.0-1.el6_9.src", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-optional-6.9.z" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Christoph Diehl", "Randell Jesup", "Tyson Smith", "Alex Gaynor", "Ronald Crane", "Julian Hector", "Kannan Vijayan", "Jason Kratzer" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5150", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576250" } ], "notes": [ { "category": "description", "text": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5150" }, { "category": "external", "summary": "RHBZ#1576250", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5150", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5150" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Nils" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5154", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576255" } ], "notes": [ { "category": "description", "text": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Use-after-free with SVG animations and clip paths", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5154" }, { "category": "external", "summary": "RHBZ#1576255", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5154", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5154" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Use-after-free with SVG animations and clip paths" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Nils" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5155", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576257" } ], "notes": [ { "category": "description", "text": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Use-after-free with SVG animations and text paths", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5155" }, { "category": "external", "summary": "RHBZ#1576257", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5155", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5155" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Use-after-free with SVG animations and text paths" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Wladimir Palant" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5157", "cwe": { "id": "CWE-829", "name": "Inclusion of Functionality from Untrusted Control Sphere" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576258" } ], "notes": [ { "category": "description", "text": "Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5157" }, { "category": "external", "summary": "RHBZ#1576258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576258" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5157", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5157" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5157", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5157" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Wladimir Palant" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5158", "cwe": { "id": "CWE-95", "name": "Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576259" } ], "notes": [ { "category": "description", "text": "The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Malicious PDF can inject JavaScript into PDF Viewer", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5158" }, { "category": "external", "summary": "RHBZ#1576259", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576259" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5158", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5158" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Malicious PDF can inject JavaScript into PDF Viewer" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Ivan Fratric" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5159", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576260" } ], "notes": [ { "category": "description", "text": "An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Integer overflow and out-of-bounds write in Skia", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5159" }, { "category": "external", "summary": "RHBZ#1576260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5159", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5159" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Integer overflow and out-of-bounds write in Skia" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Wladimir Palant" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5168", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576269" } ], "notes": [ { "category": "description", "text": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Lightweight themes can be installed without user interaction", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5168" }, { "category": "external", "summary": "RHBZ#1576269", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5168", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5168" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Lightweight themes can be installed without user interaction" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Root Object" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5178", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576278" } ], "notes": [ { "category": "description", "text": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5178" }, { "category": "external", "summary": "RHBZ#1576278", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5178", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5178" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Mozilla Developers" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5183", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576283" } ], "notes": [ { "category": "description", "text": "Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Backport critical security fixes in Skia", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5183" }, { "category": "external", "summary": "RHBZ#1576283", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5183", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Mozilla: Backport critical security fixes in Skia" } ] }
rhsa-2018_1414
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for firefox is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 52.8.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155)\n\n* Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files (CVE-2018-5157)\n\n* Mozilla: Malicious PDF can inject JavaScript into PDF Viewer (CVE-2018-5158)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Wladimir Palant, Ivan Fratric, and Root Object as the original reporters.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:1414", "url": "https://access.redhat.com/errata/RHSA-2018:1414" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/" }, { "category": "external", "summary": "1576250", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250" }, { "category": "external", "summary": "1576255", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255" }, { "category": "external", "summary": "1576257", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257" }, { "category": "external", "summary": "1576258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576258" }, { "category": "external", "summary": "1576259", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576259" }, { "category": "external", "summary": "1576260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260" }, { "category": "external", "summary": "1576269", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269" }, { "category": "external", "summary": "1576278", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278" }, { "category": "external", "summary": "1576283", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1414.json" } ], "title": "Red Hat Security Advisory: firefox security update", "tracking": { "current_release_date": "2024-11-22T11:58:04+00:00", "generator": { "date": "2024-11-22T11:58:04+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:1414", "initial_release_date": "2018-05-14T14:48:05+00:00", "revision_history": [ { "date": "2018-05-14T14:48:05+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-05-14T14:48:05+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T11:58:04+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=x86_64" } } }, { "category": "product_version", "name": "firefox-0:52.8.0-1.el6_9.x86_64", "product": { "name": "firefox-0:52.8.0-1.el6_9.x86_64", "product_id": "firefox-0:52.8.0-1.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=i686" } } }, { "category": "product_version", "name": "firefox-0:52.8.0-1.el6_9.i686", "product": { "name": "firefox-0:52.8.0-1.el6_9.i686", "product_id": "firefox-0:52.8.0-1.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el6_9.src", "product": { "name": "firefox-0:52.8.0-1.el6_9.src", "product_id": "firefox-0:52.8.0-1.el6_9.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=ppc" } } }, { "category": "product_version", "name": "firefox-0:52.8.0-1.el6_9.ppc", "product": { "name": "firefox-0:52.8.0-1.el6_9.ppc", "product_id": "firefox-0:52.8.0-1.el6_9.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=ppc" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=s390" } } }, { "category": "product_version", "name": "firefox-0:52.8.0-1.el6_9.s390", "product": { "name": "firefox-0:52.8.0-1.el6_9.s390", "product_id": "firefox-0:52.8.0-1.el6_9.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=s390" } } } ], "category": "architecture", "name": "s390" }, { "branches": [ { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=s390x" } } }, { "category": "product_version", "name": "firefox-0:52.8.0-1.el6_9.s390x", "product": { "name": "firefox-0:52.8.0-1.el6_9.s390x", "product_id": "firefox-0:52.8.0-1.el6_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=ppc64" } } }, { "category": "product_version", "name": "firefox-0:52.8.0-1.el6_9.ppc64", "product": { "name": "firefox-0:52.8.0-1.el6_9.ppc64", "product_id": "firefox-0:52.8.0-1.el6_9.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=ppc64" } } } ], "category": "architecture", "name": "ppc64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src" }, "product_reference": "firefox-0:52.8.0-1.el6_9.src", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src" }, "product_reference": "firefox-0:52.8.0-1.el6_9.src", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src" }, "product_reference": "firefox-0:52.8.0-1.el6_9.src", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src" }, "product_reference": "firefox-0:52.8.0-1.el6_9.src", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src" }, "product_reference": "firefox-0:52.8.0-1.el6_9.src", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src" }, "product_reference": "firefox-0:52.8.0-1.el6_9.src", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src" }, "product_reference": "firefox-0:52.8.0-1.el6_9.src", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-optional-6.9.z" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Christoph Diehl", "Randell Jesup", "Tyson Smith", "Alex Gaynor", "Ronald Crane", "Julian Hector", "Kannan Vijayan", "Jason Kratzer" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5150", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576250" } ], "notes": [ { "category": "description", "text": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5150" }, { "category": "external", "summary": "RHBZ#1576250", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5150", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5150" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Nils" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5154", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576255" } ], "notes": [ { "category": "description", "text": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Use-after-free with SVG animations and clip paths", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5154" }, { "category": "external", "summary": "RHBZ#1576255", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5154", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5154" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Use-after-free with SVG animations and clip paths" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Nils" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5155", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576257" } ], "notes": [ { "category": "description", "text": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Use-after-free with SVG animations and text paths", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5155" }, { "category": "external", "summary": "RHBZ#1576257", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5155", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5155" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Use-after-free with SVG animations and text paths" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Wladimir Palant" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5157", "cwe": { "id": "CWE-829", "name": "Inclusion of Functionality from Untrusted Control Sphere" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576258" } ], "notes": [ { "category": "description", "text": "Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5157" }, { "category": "external", "summary": "RHBZ#1576258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576258" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5157", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5157" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5157", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5157" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Wladimir Palant" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5158", "cwe": { "id": "CWE-95", "name": "Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576259" } ], "notes": [ { "category": "description", "text": "The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Malicious PDF can inject JavaScript into PDF Viewer", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5158" }, { "category": "external", "summary": "RHBZ#1576259", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576259" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5158", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5158" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Malicious PDF can inject JavaScript into PDF Viewer" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Ivan Fratric" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5159", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576260" } ], "notes": [ { "category": "description", "text": "An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Integer overflow and out-of-bounds write in Skia", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5159" }, { "category": "external", "summary": "RHBZ#1576260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5159", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5159" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Integer overflow and out-of-bounds write in Skia" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Wladimir Palant" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5168", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576269" } ], "notes": [ { "category": "description", "text": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Lightweight themes can be installed without user interaction", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5168" }, { "category": "external", "summary": "RHBZ#1576269", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5168", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5168" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Lightweight themes can be installed without user interaction" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Root Object" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5178", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576278" } ], "notes": [ { "category": "description", "text": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5178" }, { "category": "external", "summary": "RHBZ#1576278", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5178", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5178" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Mozilla Developers" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5183", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576283" } ], "notes": [ { "category": "description", "text": "Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Backport critical security fixes in Skia", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5183" }, { "category": "external", "summary": "RHBZ#1576283", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5183", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Mozilla: Backport critical security fixes in Skia" } ] }
RHSA-2018:1415
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for firefox is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 52.8.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155)\n\n* Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files (CVE-2018-5157)\n\n* Mozilla: Malicious PDF can inject JavaScript into PDF Viewer (CVE-2018-5158)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Wladimir Palant, Ivan Fratric, and Root Object as the original reporters.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:1415", "url": "https://access.redhat.com/errata/RHSA-2018:1415" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/" }, { "category": "external", "summary": "1576250", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250" }, { "category": "external", "summary": "1576255", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255" }, { "category": "external", "summary": "1576257", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257" }, { "category": "external", "summary": "1576258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576258" }, { "category": "external", "summary": "1576259", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576259" }, { "category": "external", "summary": "1576260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260" }, { "category": "external", "summary": "1576269", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269" }, { "category": "external", "summary": "1576278", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278" }, { "category": "external", "summary": "1576283", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1415.json" } ], "title": "Red Hat Security Advisory: firefox security update", "tracking": { "current_release_date": "2024-11-22T11:57:58+00:00", "generator": { "date": "2024-11-22T11:57:58+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:1415", "initial_release_date": "2018-05-14T15:19:04+00:00", "revision_history": [ { "date": "2018-05-14T15:19:04+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-05-14T15:19:04+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T11:57:58+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Client (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Client Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product": { "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation (v. 7)", "product": { "name": "Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.x86_64", "product": { "name": "firefox-0:52.8.0-1.el7_5.x86_64", "product_id": "firefox-0:52.8.0-1.el7_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=x86_64" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.src", "product": { "name": "firefox-0:52.8.0-1.el7_5.src", "product_id": "firefox-0:52.8.0-1.el7_5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.i686", "product": { "name": "firefox-0:52.8.0-1.el7_5.i686", "product_id": "firefox-0:52.8.0-1.el7_5.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=i686" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.s390x", "product": { "name": "firefox-0:52.8.0-1.el7_5.s390x", "product_id": "firefox-0:52.8.0-1.el7_5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=s390x" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.ppc64", "product": { "name": "firefox-0:52.8.0-1.el7_5.ppc64", "product_id": "firefox-0:52.8.0-1.el7_5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=ppc64" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=ppc64" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.ppc64le", "product": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le", "product_id": "firefox-0:52.8.0-1.el7_5.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=ppc64le" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.aarch64", "product": { "name": "firefox-0:52.8.0-1.el7_5.aarch64", "product_id": "firefox-0:52.8.0-1.el7_5.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=aarch64" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.s390", "product": { "name": "firefox-0:52.8.0-1.el7_5.s390", "product_id": "firefox-0:52.8.0-1.el7_5.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=s390" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=s390" } } } ], "category": "architecture", "name": "s390" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Christoph Diehl", "Randell Jesup", "Tyson Smith", "Alex Gaynor", "Ronald Crane", "Julian Hector", "Kannan Vijayan", "Jason Kratzer" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5150", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576250" } ], "notes": [ { "category": "description", "text": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5150" }, { "category": "external", "summary": "RHBZ#1576250", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5150", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5150" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Nils" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5154", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576255" } ], "notes": [ { "category": "description", "text": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Use-after-free with SVG animations and clip paths", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5154" }, { "category": "external", "summary": "RHBZ#1576255", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5154", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5154" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Use-after-free with SVG animations and clip paths" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Nils" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5155", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576257" } ], "notes": [ { "category": "description", "text": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Use-after-free with SVG animations and text paths", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5155" }, { "category": "external", "summary": "RHBZ#1576257", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5155", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5155" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Use-after-free with SVG animations and text paths" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Wladimir Palant" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5157", "cwe": { "id": "CWE-829", "name": "Inclusion of Functionality from Untrusted Control Sphere" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576258" } ], "notes": [ { "category": "description", "text": "Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5157" }, { "category": "external", "summary": "RHBZ#1576258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576258" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5157", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5157" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5157", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5157" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Wladimir Palant" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5158", "cwe": { "id": "CWE-95", "name": "Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576259" } ], "notes": [ { "category": "description", "text": "The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Malicious PDF can inject JavaScript into PDF Viewer", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5158" }, { "category": "external", "summary": "RHBZ#1576259", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576259" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5158", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5158" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Malicious PDF can inject JavaScript into PDF Viewer" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Ivan Fratric" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5159", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576260" } ], "notes": [ { "category": "description", "text": "An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Integer overflow and out-of-bounds write in Skia", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5159" }, { "category": "external", "summary": "RHBZ#1576260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5159", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5159" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Integer overflow and out-of-bounds write in Skia" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Wladimir Palant" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5168", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576269" } ], "notes": [ { "category": "description", "text": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Lightweight themes can be installed without user interaction", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5168" }, { "category": "external", "summary": "RHBZ#1576269", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5168", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5168" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Lightweight themes can be installed without user interaction" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Root Object" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5178", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576278" } ], "notes": [ { "category": "description", "text": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5178" }, { "category": "external", "summary": "RHBZ#1576278", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5178", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5178" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Mozilla Developers" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5183", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576283" } ], "notes": [ { "category": "description", "text": "Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Backport critical security fixes in Skia", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5183" }, { "category": "external", "summary": "RHBZ#1576283", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5183", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Mozilla: Backport critical security fixes in Skia" } ] }
rhsa-2018_1415
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for firefox is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 52.8.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155)\n\n* Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files (CVE-2018-5157)\n\n* Mozilla: Malicious PDF can inject JavaScript into PDF Viewer (CVE-2018-5158)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Wladimir Palant, Ivan Fratric, and Root Object as the original reporters.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:1415", "url": "https://access.redhat.com/errata/RHSA-2018:1415" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/" }, { "category": "external", "summary": "1576250", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250" }, { "category": "external", "summary": "1576255", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255" }, { "category": "external", "summary": "1576257", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257" }, { "category": "external", "summary": "1576258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576258" }, { "category": "external", "summary": "1576259", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576259" }, { "category": "external", "summary": "1576260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260" }, { "category": "external", "summary": "1576269", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269" }, { "category": "external", "summary": "1576278", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278" }, { "category": "external", "summary": "1576283", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1415.json" } ], "title": "Red Hat Security Advisory: firefox security update", "tracking": { "current_release_date": "2024-11-22T11:57:58+00:00", "generator": { "date": "2024-11-22T11:57:58+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:1415", "initial_release_date": "2018-05-14T15:19:04+00:00", "revision_history": [ { "date": "2018-05-14T15:19:04+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-05-14T15:19:04+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T11:57:58+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Client (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Client Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product": { "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation (v. 7)", "product": { "name": "Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.x86_64", "product": { "name": "firefox-0:52.8.0-1.el7_5.x86_64", "product_id": "firefox-0:52.8.0-1.el7_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=x86_64" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.src", "product": { "name": "firefox-0:52.8.0-1.el7_5.src", "product_id": "firefox-0:52.8.0-1.el7_5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.i686", "product": { "name": "firefox-0:52.8.0-1.el7_5.i686", "product_id": "firefox-0:52.8.0-1.el7_5.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=i686" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.s390x", "product": { "name": "firefox-0:52.8.0-1.el7_5.s390x", "product_id": "firefox-0:52.8.0-1.el7_5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=s390x" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.ppc64", "product": { "name": "firefox-0:52.8.0-1.el7_5.ppc64", "product_id": "firefox-0:52.8.0-1.el7_5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=ppc64" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=ppc64" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.ppc64le", "product": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le", "product_id": "firefox-0:52.8.0-1.el7_5.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=ppc64le" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.aarch64", "product": { "name": "firefox-0:52.8.0-1.el7_5.aarch64", "product_id": "firefox-0:52.8.0-1.el7_5.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=aarch64" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.s390", "product": { "name": "firefox-0:52.8.0-1.el7_5.s390", "product_id": "firefox-0:52.8.0-1.el7_5.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=s390" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=s390" } } } ], "category": "architecture", "name": "s390" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Christoph Diehl", "Randell Jesup", "Tyson Smith", "Alex Gaynor", "Ronald Crane", "Julian Hector", "Kannan Vijayan", "Jason Kratzer" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5150", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576250" } ], "notes": [ { "category": "description", "text": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5150" }, { "category": "external", "summary": "RHBZ#1576250", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5150", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5150" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Nils" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5154", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576255" } ], "notes": [ { "category": "description", "text": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Use-after-free with SVG animations and clip paths", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5154" }, { "category": "external", "summary": "RHBZ#1576255", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5154", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5154" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Use-after-free with SVG animations and clip paths" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Nils" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5155", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576257" } ], "notes": [ { "category": "description", "text": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Use-after-free with SVG animations and text paths", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5155" }, { "category": "external", "summary": "RHBZ#1576257", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5155", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5155" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Use-after-free with SVG animations and text paths" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Wladimir Palant" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5157", "cwe": { "id": "CWE-829", "name": "Inclusion of Functionality from Untrusted Control Sphere" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576258" } ], "notes": [ { "category": "description", "text": "Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5157" }, { "category": "external", "summary": "RHBZ#1576258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576258" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5157", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5157" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5157", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5157" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Wladimir Palant" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5158", "cwe": { "id": "CWE-95", "name": "Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576259" } ], "notes": [ { "category": "description", "text": "The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Malicious PDF can inject JavaScript into PDF Viewer", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5158" }, { "category": "external", "summary": "RHBZ#1576259", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576259" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5158", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5158" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Malicious PDF can inject JavaScript into PDF Viewer" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Ivan Fratric" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5159", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576260" } ], "notes": [ { "category": "description", "text": "An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Integer overflow and out-of-bounds write in Skia", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5159" }, { "category": "external", "summary": "RHBZ#1576260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5159", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5159" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Integer overflow and out-of-bounds write in Skia" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Wladimir Palant" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5168", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576269" } ], "notes": [ { "category": "description", "text": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Lightweight themes can be installed without user interaction", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5168" }, { "category": "external", "summary": "RHBZ#1576269", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5168", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5168" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Lightweight themes can be installed without user interaction" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Root Object" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5178", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576278" } ], "notes": [ { "category": "description", "text": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5178" }, { "category": "external", "summary": "RHBZ#1576278", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5178", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5178" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Mozilla Developers" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5183", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576283" } ], "notes": [ { "category": "description", "text": "Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Backport critical security fixes in Skia", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5183" }, { "category": "external", "summary": "RHBZ#1576283", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5183", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Mozilla: Backport critical security fixes in Skia" } ] }
RHSA-2018:1414
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for firefox is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 52.8.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155)\n\n* Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files (CVE-2018-5157)\n\n* Mozilla: Malicious PDF can inject JavaScript into PDF Viewer (CVE-2018-5158)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Wladimir Palant, Ivan Fratric, and Root Object as the original reporters.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:1414", "url": "https://access.redhat.com/errata/RHSA-2018:1414" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/" }, { "category": "external", "summary": "1576250", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250" }, { "category": "external", "summary": "1576255", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255" }, { "category": "external", "summary": "1576257", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257" }, { "category": "external", "summary": "1576258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576258" }, { "category": "external", "summary": "1576259", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576259" }, { "category": "external", "summary": "1576260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260" }, { "category": "external", "summary": "1576269", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269" }, { "category": "external", "summary": "1576278", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278" }, { "category": "external", "summary": "1576283", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1414.json" } ], "title": "Red Hat Security Advisory: firefox security update", "tracking": { "current_release_date": "2024-11-22T11:58:04+00:00", "generator": { "date": "2024-11-22T11:58:04+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:1414", "initial_release_date": "2018-05-14T14:48:05+00:00", "revision_history": [ { "date": "2018-05-14T14:48:05+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-05-14T14:48:05+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T11:58:04+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=x86_64" } } }, { "category": "product_version", "name": "firefox-0:52.8.0-1.el6_9.x86_64", "product": { "name": "firefox-0:52.8.0-1.el6_9.x86_64", "product_id": "firefox-0:52.8.0-1.el6_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=i686" } } }, { "category": "product_version", "name": "firefox-0:52.8.0-1.el6_9.i686", "product": { "name": "firefox-0:52.8.0-1.el6_9.i686", "product_id": "firefox-0:52.8.0-1.el6_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el6_9.src", "product": { "name": "firefox-0:52.8.0-1.el6_9.src", "product_id": "firefox-0:52.8.0-1.el6_9.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=ppc" } } }, { "category": "product_version", "name": "firefox-0:52.8.0-1.el6_9.ppc", "product": { "name": "firefox-0:52.8.0-1.el6_9.ppc", "product_id": "firefox-0:52.8.0-1.el6_9.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=ppc" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=s390" } } }, { "category": "product_version", "name": "firefox-0:52.8.0-1.el6_9.s390", "product": { "name": "firefox-0:52.8.0-1.el6_9.s390", "product_id": "firefox-0:52.8.0-1.el6_9.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=s390" } } } ], "category": "architecture", "name": "s390" }, { "branches": [ { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=s390x" } } }, { "category": "product_version", "name": "firefox-0:52.8.0-1.el6_9.s390x", "product": { "name": "firefox-0:52.8.0-1.el6_9.s390x", "product_id": "firefox-0:52.8.0-1.el6_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=ppc64" } } }, { "category": "product_version", "name": "firefox-0:52.8.0-1.el6_9.ppc64", "product": { "name": "firefox-0:52.8.0-1.el6_9.ppc64", "product_id": "firefox-0:52.8.0-1.el6_9.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=ppc64" } } } ], "category": "architecture", "name": "ppc64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src" }, "product_reference": "firefox-0:52.8.0-1.el6_9.src", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Client-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src" }, "product_reference": "firefox-0:52.8.0-1.el6_9.src", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Client-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src" }, "product_reference": "firefox-0:52.8.0-1.el6_9.src", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src" }, "product_reference": "firefox-0:52.8.0-1.el6_9.src", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Server-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src" }, "product_reference": "firefox-0:52.8.0-1.el6_9.src", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Server-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src" }, "product_reference": "firefox-0:52.8.0-1.el6_9.src", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src" }, "product_reference": "firefox-0:52.8.0-1.el6_9.src", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "relates_to_product_reference": "6Workstation-optional-6.9.z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "relates_to_product_reference": "6Workstation-optional-6.9.z" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Christoph Diehl", "Randell Jesup", "Tyson Smith", "Alex Gaynor", "Ronald Crane", "Julian Hector", "Kannan Vijayan", "Jason Kratzer" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5150", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576250" } ], "notes": [ { "category": "description", "text": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5150" }, { "category": "external", "summary": "RHBZ#1576250", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5150", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5150" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Nils" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5154", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576255" } ], "notes": [ { "category": "description", "text": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Use-after-free with SVG animations and clip paths", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5154" }, { "category": "external", "summary": "RHBZ#1576255", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5154", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5154" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Use-after-free with SVG animations and clip paths" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Nils" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5155", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576257" } ], "notes": [ { "category": "description", "text": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Use-after-free with SVG animations and text paths", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5155" }, { "category": "external", "summary": "RHBZ#1576257", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5155", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5155" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Use-after-free with SVG animations and text paths" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Wladimir Palant" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5157", "cwe": { "id": "CWE-829", "name": "Inclusion of Functionality from Untrusted Control Sphere" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576258" } ], "notes": [ { "category": "description", "text": "Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5157" }, { "category": "external", "summary": "RHBZ#1576258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576258" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5157", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5157" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5157", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5157" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Wladimir Palant" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5158", "cwe": { "id": "CWE-95", "name": "Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576259" } ], "notes": [ { "category": "description", "text": "The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Malicious PDF can inject JavaScript into PDF Viewer", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5158" }, { "category": "external", "summary": "RHBZ#1576259", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576259" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5158", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5158" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Malicious PDF can inject JavaScript into PDF Viewer" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Ivan Fratric" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5159", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576260" } ], "notes": [ { "category": "description", "text": "An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Integer overflow and out-of-bounds write in Skia", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5159" }, { "category": "external", "summary": "RHBZ#1576260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5159", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5159" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Integer overflow and out-of-bounds write in Skia" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Wladimir Palant" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5168", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576269" } ], "notes": [ { "category": "description", "text": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Lightweight themes can be installed without user interaction", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5168" }, { "category": "external", "summary": "RHBZ#1576269", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5168", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5168" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Lightweight themes can be installed without user interaction" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Root Object" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5178", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576278" } ], "notes": [ { "category": "description", "text": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5178" }, { "category": "external", "summary": "RHBZ#1576278", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5178", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5178" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Mozilla Developers" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5183", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576283" } ], "notes": [ { "category": "description", "text": "Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Backport critical security fixes in Skia", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5183" }, { "category": "external", "summary": "RHBZ#1576283", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5183", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T14:48:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src", "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x", "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Mozilla: Backport critical security fixes in Skia" } ] }
rhsa-2018:1415
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for firefox is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 52.8.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155)\n\n* Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files (CVE-2018-5157)\n\n* Mozilla: Malicious PDF can inject JavaScript into PDF Viewer (CVE-2018-5158)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Wladimir Palant, Ivan Fratric, and Root Object as the original reporters.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:1415", "url": "https://access.redhat.com/errata/RHSA-2018:1415" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/" }, { "category": "external", "summary": "1576250", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250" }, { "category": "external", "summary": "1576255", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255" }, { "category": "external", "summary": "1576257", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257" }, { "category": "external", "summary": "1576258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576258" }, { "category": "external", "summary": "1576259", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576259" }, { "category": "external", "summary": "1576260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260" }, { "category": "external", "summary": "1576269", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269" }, { "category": "external", "summary": "1576278", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278" }, { "category": "external", "summary": "1576283", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1415.json" } ], "title": "Red Hat Security Advisory: firefox security update", "tracking": { "current_release_date": "2024-11-22T11:57:58+00:00", "generator": { "date": "2024-11-22T11:57:58+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:1415", "initial_release_date": "2018-05-14T15:19:04+00:00", "revision_history": [ { "date": "2018-05-14T15:19:04+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-05-14T15:19:04+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T11:57:58+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Client (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Client Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product": { "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation (v. 7)", "product": { "name": "Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.x86_64", "product": { "name": "firefox-0:52.8.0-1.el7_5.x86_64", "product_id": "firefox-0:52.8.0-1.el7_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=x86_64" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.src", "product": { "name": "firefox-0:52.8.0-1.el7_5.src", "product_id": "firefox-0:52.8.0-1.el7_5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.i686", "product": { "name": "firefox-0:52.8.0-1.el7_5.i686", "product_id": "firefox-0:52.8.0-1.el7_5.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=i686" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.s390x", "product": { "name": "firefox-0:52.8.0-1.el7_5.s390x", "product_id": "firefox-0:52.8.0-1.el7_5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=s390x" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.ppc64", "product": { "name": "firefox-0:52.8.0-1.el7_5.ppc64", "product_id": "firefox-0:52.8.0-1.el7_5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=ppc64" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=ppc64" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.ppc64le", "product": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le", "product_id": "firefox-0:52.8.0-1.el7_5.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=ppc64le" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.aarch64", "product": { "name": "firefox-0:52.8.0-1.el7_5.aarch64", "product_id": "firefox-0:52.8.0-1.el7_5.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=aarch64" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "firefox-0:52.8.0-1.el7_5.s390", "product": { "name": "firefox-0:52.8.0-1.el7_5.s390", "product_id": "firefox-0:52.8.0-1.el7_5.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=s390" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "product": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=s390" } } } ], "category": "architecture", "name": "s390" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src" }, "product_reference": "firefox-0:52.8.0-1.el7_5.src", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" }, "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Christoph Diehl", "Randell Jesup", "Tyson Smith", "Alex Gaynor", "Ronald Crane", "Julian Hector", "Kannan Vijayan", "Jason Kratzer" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5150", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576250" } ], "notes": [ { "category": "description", "text": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5150" }, { "category": "external", "summary": "RHBZ#1576250", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5150", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5150" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Nils" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5154", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576255" } ], "notes": [ { "category": "description", "text": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Use-after-free with SVG animations and clip paths", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5154" }, { "category": "external", "summary": "RHBZ#1576255", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5154", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5154" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Use-after-free with SVG animations and clip paths" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Nils" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5155", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576257" } ], "notes": [ { "category": "description", "text": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Use-after-free with SVG animations and text paths", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5155" }, { "category": "external", "summary": "RHBZ#1576257", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5155", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5155" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Use-after-free with SVG animations and text paths" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Wladimir Palant" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5157", "cwe": { "id": "CWE-829", "name": "Inclusion of Functionality from Untrusted Control Sphere" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576258" } ], "notes": [ { "category": "description", "text": "Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5157" }, { "category": "external", "summary": "RHBZ#1576258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576258" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5157", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5157" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5157", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5157" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Wladimir Palant" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5158", "cwe": { "id": "CWE-95", "name": "Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576259" } ], "notes": [ { "category": "description", "text": "The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Malicious PDF can inject JavaScript into PDF Viewer", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5158" }, { "category": "external", "summary": "RHBZ#1576259", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576259" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5158", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5158" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Malicious PDF can inject JavaScript into PDF Viewer" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Ivan Fratric" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5159", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576260" } ], "notes": [ { "category": "description", "text": "An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Integer overflow and out-of-bounds write in Skia", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5159" }, { "category": "external", "summary": "RHBZ#1576260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5159", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5159" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Integer overflow and out-of-bounds write in Skia" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Wladimir Palant" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5168", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576269" } ], "notes": [ { "category": "description", "text": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Lightweight themes can be installed without user interaction", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5168" }, { "category": "external", "summary": "RHBZ#1576269", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5168", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5168" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Lightweight themes can be installed without user interaction" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Root Object" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5178", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576278" } ], "notes": [ { "category": "description", "text": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5178" }, { "category": "external", "summary": "RHBZ#1576278", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5178", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5178" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Mozilla Developers" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-5183", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576283" } ], "notes": [ { "category": "description", "text": "Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Backport critical security fixes in Skia", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5183" }, { "category": "external", "summary": "RHBZ#1576283", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5183", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183" } ], "release_date": "2018-05-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T15:19:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src", "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x", "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Mozilla: Backport critical security fixes in Skia" } ] }
ghsa-7jg2-jgv3-fmr4
Vulnerability from github
The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR < 52.8, Firefox < 60 and PDF.js < 2.0.550.
{ "affected": [ { "package": { "ecosystem": "npm", "name": "pdfjs-dist" }, "ranges": [ { "events": [ { "introduced": "2.0.0" }, { "fixed": "2.0.550" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "npm", "name": "pdfjs-dist" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1.10.100" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2018-5158" ], "database_specific": { "cwe_ids": [ "CWE-94" ], "github_reviewed": true, "github_reviewed_at": "2024-05-28T20:43:53Z", "nvd_published_at": "2018-06-11T21:29:00Z", "severity": "HIGH" }, "details": "The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR \u003c 52.8, Firefox \u003c 60 and PDF.js \u003c 2.0.550.", "id": "GHSA-7jg2-jgv3-fmr4", "modified": "2024-05-28T20:43:53Z", "published": "2022-05-14T01:22:02Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158" }, { "type": "WEB", "url": "https://github.com/mozilla/pdf.js/pull/9659" }, { "type": "WEB", "url": "https://github.com/mozilla/pdf.js/commit/2dc4af525d1612c98afcd1e6bee57d4788f78f97" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:1414" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:1415" }, { "type": "WEB", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1452075" }, { "type": "PACKAGE", "url": "https://github.com/mozilla/pdf.js" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html" }, { "type": "WEB", "url": "https://security.gentoo.org/glsa/201810-01" }, { "type": "WEB", "url": "https://usn.ubuntu.com/3645-1" }, { "type": "WEB", "url": "https://www.debian.org/security/2018/dsa-4199" }, { "type": "WEB", "url": "https://www.mozilla.org/security/advisories/mfsa2018-11" }, { "type": "WEB", "url": "https://www.mozilla.org/security/advisories/mfsa2018-12" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/104136" }, { "type": "WEB", "url": "http://www.securitytracker.com/id/1040896" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ], "summary": "Malicious PDF can inject JavaScript into PDF Viewer" }
cnvd-2018-10243
Vulnerability from cnvd
Title: Mozilla Firefox JavaScript注入漏洞
Description:
Mozilla Firefox浏览器(火狐)是一个自由的、开放源码的浏览器,适用于Windows、Linux及MacOSX平台。
Mozilla Firefox存在恶意JavaScript注入漏洞。该漏洞产生的原因是PDF查看器未能充分验证PostScript计算器功能。攻击者可通过特制PDF文件利用该漏洞注入恶意JavaScript,该JavaScript随后可以PDF查看器权限运行。
Severity: 中
Patch Name: Mozilla Firefox JavaScript注入漏洞的补丁
Patch Description:
Mozilla Firefox浏览器(火狐)是一个自由的、开放源码的浏览器,适用于Windows、Linux及MacOSX平台。
Mozilla Firefox存在恶意JavaScript注入漏洞。该漏洞产生的原因是PDF查看器未能充分验证PostScript计算器功能。攻击者可通过特制PDF文件利用该漏洞注入恶意JavaScript,该JavaScript随后可以PDF查看器权限运行。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description:
厂商已发布漏洞修复程序,请及时关注更新: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/
Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/
Name | Mozilla Firefox |
---|
{ "cves": { "cve": { "cveNumber": "CVE-2018-5158" } }, "description": "Mozilla Firefox\u6d4f\u89c8\u5668\uff08\u706b\u72d0\uff09\u662f\u4e00\u4e2a\u81ea\u7531\u7684\u3001\u5f00\u653e\u6e90\u7801\u7684\u6d4f\u89c8\u5668\uff0c\u9002\u7528\u4e8eWindows\u3001Linux\u53caMacOSX\u5e73\u53f0\u3002\r\n\r\nMozilla Firefox\u5b58\u5728\u6076\u610fJavaScript\u6ce8\u5165\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u4ea7\u751f\u7684\u539f\u56e0\u662fPDF\u67e5\u770b\u5668\u672a\u80fd\u5145\u5206\u9a8c\u8bc1PostScript\u8ba1\u7b97\u5668\u529f\u80fd\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u7279\u5236PDF\u6587\u4ef6\u5229\u7528\u8be5\u6f0f\u6d1e\u6ce8\u5165\u6076\u610fJavaScript\uff0c\u8be5JavaScript\u968f\u540e\u53ef\u4ee5PDF\u67e5\u770b\u5668\u6743\u9650\u8fd0\u884c\u3002", "discovererName": "Wladimir Palant", "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2018-11/", "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e", "number": "CNVD-2018-10243", "openTime": "2018-05-24", "patchDescription": "Mozilla Firefox\u6d4f\u89c8\u5668\uff08\u706b\u72d0\uff09\u662f\u4e00\u4e2a\u81ea\u7531\u7684\u3001\u5f00\u653e\u6e90\u7801\u7684\u6d4f\u89c8\u5668\uff0c\u9002\u7528\u4e8eWindows\u3001Linux\u53caMacOSX\u5e73\u53f0\u3002\r\n\r\nMozilla Firefox\u5b58\u5728\u6076\u610fJavaScript\u6ce8\u5165\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u4ea7\u751f\u7684\u539f\u56e0\u662fPDF\u67e5\u770b\u5668\u672a\u80fd\u5145\u5206\u9a8c\u8bc1PostScript\u8ba1\u7b97\u5668\u529f\u80fd\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u7279\u5236PDF\u6587\u4ef6\u5229\u7528\u8be5\u6f0f\u6d1e\u6ce8\u5165\u6076\u610fJavaScript\uff0c\u8be5JavaScript\u968f\u540e\u53ef\u4ee5PDF\u67e5\u770b\u5668\u6743\u9650\u8fd0\u884c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002", "patchName": "Mozilla Firefox JavaScript\u6ce8\u5165\u6f0f\u6d1e\u7684\u8865\u4e01", "products": { "product": "Mozilla Firefox" }, "referenceLink": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/", "serverity": "\u4e2d", "submitTime": "2018-05-11", "title": "Mozilla Firefox JavaScript\u6ce8\u5165\u6f0f\u6d1e" }
suse-su-2018:1334-1
Vulnerability from csaf_suse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for MozillaFirefox", "title": "Title of the patch" }, { "category": "description", "text": "This update for MozillaFirefox to the ESR 52.8 release fixes the following issues:\n\nMozil to Firefox ESR 52.8 (bsc#1092548)\n\nSecurity issues fixed:\n\n- MFSA 2018-12/CVE-2018-5159: Integer overflow and out-of-bounds write in Skia\n- MFSA 2018-12/CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer\n- MFSA 2018-12/CVE-2018-5168: Lightweight themes can be installed without user interaction\n- MFSA 2018-12/CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8\n- MFSA 2018-12/CVE-2018-5155: Use-after-free with SVG animations and text paths\n- MFSA 2018-12/CVE-2018-5183: Backport critical security fixes in Skia\n- MFSA 2018-12/CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files\n- MFSA 2018-12/CVE-2018-5154: Use-after-free with SVG animations and clip paths\n- MFSA 2018-12/CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension\n", "title": "Description of the patch" }, { "category": "details", "text": "SUSE-OpenStack-Cloud-7-2018-943,SUSE-SLE-DESKTOP-12-SP3-2018-943,SUSE-SLE-SAP-12-SP1-2018-943,SUSE-SLE-SAP-12-SP2-2018-943,SUSE-SLE-SDK-12-SP3-2018-943,SUSE-SLE-SERVER-12-2018-943,SUSE-SLE-SERVER-12-SP1-2018-943,SUSE-SLE-SERVER-12-SP2-2018-943,SUSE-SLE-SERVER-12-SP3-2018-943,SUSE-Storage-4-2018-943", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1334-1.json" }, { "category": "self", "summary": "URL for SUSE-SU-2018:1334-1", "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181334-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2018:1334-1", "url": "https://lists.suse.com/pipermail/sle-security-updates/2018-May/004065.html" }, { "category": "self", "summary": "SUSE Bug 1092548", "url": "https://bugzilla.suse.com/1092548" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5150 page", "url": "https://www.suse.com/security/cve/CVE-2018-5150/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5154 page", "url": "https://www.suse.com/security/cve/CVE-2018-5154/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5155 page", "url": "https://www.suse.com/security/cve/CVE-2018-5155/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5157 page", "url": "https://www.suse.com/security/cve/CVE-2018-5157/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5158 page", "url": "https://www.suse.com/security/cve/CVE-2018-5158/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5159 page", "url": "https://www.suse.com/security/cve/CVE-2018-5159/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5168 page", "url": "https://www.suse.com/security/cve/CVE-2018-5168/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5174 page", "url": "https://www.suse.com/security/cve/CVE-2018-5174/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5178 page", "url": "https://www.suse.com/security/cve/CVE-2018-5178/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5183 page", "url": "https://www.suse.com/security/cve/CVE-2018-5183/" } ], "title": "Security update for MozillaFirefox", "tracking": { "current_release_date": "2018-05-18T06:05:06Z", "generator": { "date": "2018-05-18T06:05:06Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2018:1334-1", "initial_release_date": "2018-05-18T06:05:06Z", "revision_history": [ { "date": "2018-05-18T06:05:06Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "product": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "product_id": "MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64" } }, { "category": "product_version", "name": "MozillaFirefox-52.8.0esr-109.31.2.aarch64", "product": { "name": "MozillaFirefox-52.8.0esr-109.31.2.aarch64", "product_id": "MozillaFirefox-52.8.0esr-109.31.2.aarch64" } }, { "category": "product_version", "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "product": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "product_id": "MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64" } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "product": { "name": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "product_id": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le" } }, { "category": "product_version", "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "product": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "product_id": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le" } }, { "category": "product_version", "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "product": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "product_id": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "MozillaFirefox-52.8.0esr-109.31.2.s390x", "product": { "name": "MozillaFirefox-52.8.0esr-109.31.2.s390x", "product_id": "MozillaFirefox-52.8.0esr-109.31.2.s390x" } }, { "category": "product_version", "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "product": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "product_id": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x" } }, { "category": "product_version", "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "product": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "product_id": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64", "product": { "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64", "product_id": "MozillaFirefox-52.8.0esr-109.31.2.x86_64" } }, { "category": "product_version", "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "product": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "product_id": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" } }, { "category": "product_version", "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "product": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "product_id": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "SUSE OpenStack Cloud 7", "product": { "name": "SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-openstack-cloud:7" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Desktop 12 SP3", "product": { "name": "SUSE Linux Enterprise Desktop 12 SP3", "product_id": "SUSE Linux Enterprise Desktop 12 SP3", "product_identification_helper": { "cpe": "cpe:/o:suse:sled:12:sp3" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:12:sp1" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:12:sp2" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Software Development Kit 12 SP3", "product": { "name": "SUSE Linux Enterprise Software Development Kit 12 SP3", "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3", "product_identification_helper": { "cpe": "cpe:/o:suse:sle-sdk:12:sp3" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 12-LTSS", "product": { "name": "SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sles-ltss:12" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 12 SP1-LTSS", "product": { "name": "SUSE Linux Enterprise Server 12 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sles-ltss:12:sp1" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 12 SP2-LTSS", "product": { "name": "SUSE Linux Enterprise Server 12 SP2-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sles-ltss:12:sp2" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 12 SP3", "product": { "name": "SUSE Linux Enterprise Server 12 SP3", "product_id": "SUSE Linux Enterprise Server 12 SP3", "product_identification_helper": { "cpe": "cpe:/o:suse:sles:12:sp3" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:12:sp3" } } }, { "category": "product_name", "name": "SUSE Enterprise Storage 4", "product": { "name": "SUSE Enterprise Storage 4", "product_id": "SUSE Enterprise Storage 4", "product_identification_helper": { "cpe": "cpe:/o:suse:ses:4" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.s390x as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.s390x", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64 as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64 as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64 as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", "product_id": "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", "product_id": "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3", "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP3", "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP3", "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3", "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", "product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", "product_id": "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", "product_id": "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server 12 SP3", "product_id": "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", "product_id": "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", "product_id": "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", "product_id": "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server 12 SP3", "product_id": "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", "product_id": "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64 as component of SUSE Enterprise Storage 4", "product_id": "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Enterprise Storage 4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64 as component of SUSE Enterprise Storage 4", "product_id": "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Enterprise Storage 4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64 as component of SUSE Enterprise Storage 4", "product_id": "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Enterprise Storage 4" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-5150", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5150" } ], "notes": [ { "category": "general", "text": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5150", "url": "https://www.suse.com/security/cve/CVE-2018-5150" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-05-18T06:05:06Z", "details": "important" } ], "title": "CVE-2018-5150" }, { "cve": "CVE-2018-5154", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5154" } ], "notes": [ { "category": "general", "text": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5154", "url": "https://www.suse.com/security/cve/CVE-2018-5154" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-05-18T06:05:06Z", "details": "important" } ], "title": "CVE-2018-5154" }, { "cve": "CVE-2018-5155", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5155" } ], "notes": [ { "category": "general", "text": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5155", "url": "https://www.suse.com/security/cve/CVE-2018-5155" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-05-18T06:05:06Z", "details": "important" } ], "title": "CVE-2018-5155" }, { "cve": "CVE-2018-5157", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5157" } ], "notes": [ { "category": "general", "text": "Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5157", "url": "https://www.suse.com/security/cve/CVE-2018-5157" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-05-18T06:05:06Z", "details": "important" } ], "title": "CVE-2018-5157" }, { "cve": "CVE-2018-5158", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5158" } ], "notes": [ { "category": "general", "text": "The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5158", "url": "https://www.suse.com/security/cve/CVE-2018-5158" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-05-18T06:05:06Z", "details": "important" } ], "title": "CVE-2018-5158" }, { "cve": "CVE-2018-5159", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5159" } ], "notes": [ { "category": "general", "text": "An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5159", "url": "https://www.suse.com/security/cve/CVE-2018-5159" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-05-18T06:05:06Z", "details": "important" } ], "title": "CVE-2018-5159" }, { "cve": "CVE-2018-5168", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5168" } ], "notes": [ { "category": "general", "text": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5168", "url": "https://www.suse.com/security/cve/CVE-2018-5168" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-05-18T06:05:06Z", "details": "important" } ], "title": "CVE-2018-5168" }, { "cve": "CVE-2018-5174", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5174" } ], "notes": [ { "category": "general", "text": "In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the \"SEE_MASK_FLAG_NO_UI\" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user for a decision, and if the user is offline all files will be allowed to be opened because Windows won\u0027t prompt the user to ask what to do. Firefox incorrectly sets this flag when downloading files, leading to less secure behavior from SmartScreen. Note: this issue only affects Windows 10 users running the April 2018 update or later. It does not affect other Windows users or other operating systems. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5174", "url": "https://www.suse.com/security/cve/CVE-2018-5174" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-05-18T06:05:06Z", "details": "important" } ], "title": "CVE-2018-5174" }, { "cve": "CVE-2018-5178", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5178" } ], "notes": [ { "category": "general", "text": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5178", "url": "https://www.suse.com/security/cve/CVE-2018-5178" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-05-18T06:05:06Z", "details": "important" } ], "title": "CVE-2018-5178" }, { "cve": "CVE-2018-5183", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5183" } ], "notes": [ { "category": "general", "text": "Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5183", "url": "https://www.suse.com/security/cve/CVE-2018-5183" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-05-18T06:05:06Z", "details": "important" } ], "title": "CVE-2018-5183" } ] }
suse-su-2018:1334-2
Vulnerability from csaf_suse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for MozillaFirefox", "title": "Title of the patch" }, { "category": "description", "text": "This update for MozillaFirefox to the ESR 52.8 release fixes the following issues:\n\nMozil to Firefox ESR 52.8 (bsc#1092548)\n\nSecurity issues fixed:\n\n- MFSA 2018-12/CVE-2018-5159: Integer overflow and out-of-bounds write in Skia\n- MFSA 2018-12/CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer\n- MFSA 2018-12/CVE-2018-5168: Lightweight themes can be installed without user interaction\n- MFSA 2018-12/CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8\n- MFSA 2018-12/CVE-2018-5155: Use-after-free with SVG animations and text paths\n- MFSA 2018-12/CVE-2018-5183: Backport critical security fixes in Skia\n- MFSA 2018-12/CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files\n- MFSA 2018-12/CVE-2018-5154: Use-after-free with SVG animations and clip paths\n- MFSA 2018-12/CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension\n", "title": "Description of the patch" }, { "category": "details", "text": "SUSE-SLE-SERVER-12-SP2-BCL-2018-943", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1334-2.json" }, { "category": "self", "summary": "URL for SUSE-SU-2018:1334-2", "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181334-2/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2018:1334-2", "url": "https://lists.suse.com/pipermail/sle-security-updates/2018-October/004741.html" }, { "category": "self", "summary": "SUSE Bug 1092548", "url": "https://bugzilla.suse.com/1092548" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5150 page", "url": "https://www.suse.com/security/cve/CVE-2018-5150/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5154 page", "url": "https://www.suse.com/security/cve/CVE-2018-5154/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5155 page", "url": "https://www.suse.com/security/cve/CVE-2018-5155/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5157 page", "url": "https://www.suse.com/security/cve/CVE-2018-5157/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5158 page", "url": "https://www.suse.com/security/cve/CVE-2018-5158/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5159 page", "url": "https://www.suse.com/security/cve/CVE-2018-5159/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5168 page", "url": "https://www.suse.com/security/cve/CVE-2018-5168/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5174 page", "url": "https://www.suse.com/security/cve/CVE-2018-5174/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5178 page", "url": "https://www.suse.com/security/cve/CVE-2018-5178/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5183 page", "url": "https://www.suse.com/security/cve/CVE-2018-5183/" } ], "title": "Security update for MozillaFirefox", "tracking": { "current_release_date": "2018-10-18T12:44:56Z", "generator": { "date": "2018-10-18T12:44:56Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2018:1334-2", "initial_release_date": "2018-10-18T12:44:56Z", "revision_history": [ { "date": "2018-10-18T12:44:56Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64", "product": { "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64", "product_id": "MozillaFirefox-52.8.0esr-109.31.2.x86_64" } }, { "category": "product_version", "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "product": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "product_id": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux Enterprise Server 12 SP2-BCL", "product": { "name": "SUSE Linux Enterprise Server 12 SP2-BCL", "product_id": "SUSE Linux Enterprise Server 12 SP2-BCL", "product_identification_helper": { "cpe": "cpe:/o:suse:sles-bcl:12:sp2" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", "product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", "product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-5150", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5150" } ], "notes": [ { "category": "general", "text": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5150", "url": "https://www.suse.com/security/cve/CVE-2018-5150" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-10-18T12:44:56Z", "details": "important" } ], "title": "CVE-2018-5150" }, { "cve": "CVE-2018-5154", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5154" } ], "notes": [ { "category": "general", "text": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5154", "url": "https://www.suse.com/security/cve/CVE-2018-5154" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-10-18T12:44:56Z", "details": "important" } ], "title": "CVE-2018-5154" }, { "cve": "CVE-2018-5155", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5155" } ], "notes": [ { "category": "general", "text": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5155", "url": "https://www.suse.com/security/cve/CVE-2018-5155" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-10-18T12:44:56Z", "details": "important" } ], "title": "CVE-2018-5155" }, { "cve": "CVE-2018-5157", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5157" } ], "notes": [ { "category": "general", "text": "Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5157", "url": "https://www.suse.com/security/cve/CVE-2018-5157" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-10-18T12:44:56Z", "details": "important" } ], "title": "CVE-2018-5157" }, { "cve": "CVE-2018-5158", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5158" } ], "notes": [ { "category": "general", "text": "The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5158", "url": "https://www.suse.com/security/cve/CVE-2018-5158" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-10-18T12:44:56Z", "details": "important" } ], "title": "CVE-2018-5158" }, { "cve": "CVE-2018-5159", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5159" } ], "notes": [ { "category": "general", "text": "An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5159", "url": "https://www.suse.com/security/cve/CVE-2018-5159" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-10-18T12:44:56Z", "details": "important" } ], "title": "CVE-2018-5159" }, { "cve": "CVE-2018-5168", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5168" } ], "notes": [ { "category": "general", "text": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5168", "url": "https://www.suse.com/security/cve/CVE-2018-5168" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-10-18T12:44:56Z", "details": "important" } ], "title": "CVE-2018-5168" }, { "cve": "CVE-2018-5174", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5174" } ], "notes": [ { "category": "general", "text": "In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the \"SEE_MASK_FLAG_NO_UI\" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user for a decision, and if the user is offline all files will be allowed to be opened because Windows won\u0027t prompt the user to ask what to do. Firefox incorrectly sets this flag when downloading files, leading to less secure behavior from SmartScreen. Note: this issue only affects Windows 10 users running the April 2018 update or later. It does not affect other Windows users or other operating systems. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5174", "url": "https://www.suse.com/security/cve/CVE-2018-5174" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-10-18T12:44:56Z", "details": "important" } ], "title": "CVE-2018-5174" }, { "cve": "CVE-2018-5178", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5178" } ], "notes": [ { "category": "general", "text": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5178", "url": "https://www.suse.com/security/cve/CVE-2018-5178" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-10-18T12:44:56Z", "details": "important" } ], "title": "CVE-2018-5178" }, { "cve": "CVE-2018-5183", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5183" } ], "notes": [ { "category": "general", "text": "Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5183", "url": "https://www.suse.com/security/cve/CVE-2018-5183" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-52.8.0esr-109.31.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-10-18T12:44:56Z", "details": "important" } ], "title": "CVE-2018-5183" } ] }
suse-su-2018:2298-1
Vulnerability from csaf_suse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for MozillaFirefox", "title": "Title of the patch" }, { "category": "description", "text": "This update for MozillaFirefox to the 52.9 ESR release fixes the following issues:\n\nThese security issues were fixed:\n\n- Firefox ESR 52.9:\n- CVE-2018-5188 Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9 (bsc#1098998). \n- CVE-2018-12368 No warning when opening executable SettingContent-ms files (bsc#1098998).\n- CVE-2018-12366 Invalid data handling during QCMS transformations (bsc#1098998).\n- CVE-2018-12365 Compromised IPC child process can list local filenames (bsc#1098998).\n- CVE-2018-12364 CSRF attacks through 307 redirects and NPAPI plugins (bsc#1098998).\n- CVE-2018-12363 Use-after-free when appending DOM nodes (bsc#1098998).\n- CVE-2018-12362 Integer overflow in SSSE3 scaler (bsc#1098998).\n- CVE-2018-12360 Use-after-free when using focus() (bsc#1098998).\n- CVE-2018-5156 Media recorder segmentation fault when track type is changed during capture (bsc#1098998).\n- CVE-2018-12359 Buffer overflow using computed size of canvas element (bsc#1098998).\n\n- Firefox ESR 52.8:\n- CVE-2018-6126: Prevent heap buffer overflow in rasterizing paths in SVG with Skia (bsc#1096449).\n- CVE-2018-5183: Backport critical security fixes in Skia (bsc#1092548).\n- CVE-2018-5154: Use-after-free with SVG animations and clip paths (bsc#1092548).\n- CVE-2018-5155: Use-after-free with SVG animations and text paths (bsc#1092548).\n- CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files (bsc#1092548).\n- CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer (bsc#1092548).\n- CVE-2018-5159: Integer overflow and out-of-bounds write in Skia (bsc#1092548).\n- CVE-2018-5168: Lightweight themes can be installed without user interaction (bsc#1092548).\n- CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (bsc#1092548).\n- CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (bsc#1092548).\n\nThese non-security issues were fixed:\n\n- Various stability and regression fixes\n- Performance improvements to the Safe Browsing service to avoid slowdowns\n while updating site classification data\n", "title": "Description of the patch" }, { "category": "details", "text": "SUSE-SLE-Module-Desktop-Applications-15-2018-1536", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2298-1.json" }, { "category": "self", "summary": "URL for SUSE-SU-2018:2298-1", "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182298-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2018:2298-1", "url": "https://lists.suse.com/pipermail/sle-security-updates/2018-August/004400.html" }, { "category": "self", "summary": "SUSE Bug 1092548", "url": "https://bugzilla.suse.com/1092548" }, { "category": "self", "summary": "SUSE Bug 1096449", "url": "https://bugzilla.suse.com/1096449" }, { "category": "self", "summary": "SUSE Bug 1098998", "url": "https://bugzilla.suse.com/1098998" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12359 page", "url": "https://www.suse.com/security/cve/CVE-2018-12359/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12360 page", "url": "https://www.suse.com/security/cve/CVE-2018-12360/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12362 page", "url": "https://www.suse.com/security/cve/CVE-2018-12362/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12363 page", "url": "https://www.suse.com/security/cve/CVE-2018-12363/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12364 page", "url": "https://www.suse.com/security/cve/CVE-2018-12364/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12365 page", "url": "https://www.suse.com/security/cve/CVE-2018-12365/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12366 page", "url": "https://www.suse.com/security/cve/CVE-2018-12366/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12368 page", "url": "https://www.suse.com/security/cve/CVE-2018-12368/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5150 page", "url": "https://www.suse.com/security/cve/CVE-2018-5150/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5154 page", "url": "https://www.suse.com/security/cve/CVE-2018-5154/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5155 page", "url": "https://www.suse.com/security/cve/CVE-2018-5155/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5156 page", "url": "https://www.suse.com/security/cve/CVE-2018-5156/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5157 page", "url": "https://www.suse.com/security/cve/CVE-2018-5157/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5158 page", "url": "https://www.suse.com/security/cve/CVE-2018-5158/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5159 page", "url": "https://www.suse.com/security/cve/CVE-2018-5159/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5168 page", "url": "https://www.suse.com/security/cve/CVE-2018-5168/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5178 page", "url": "https://www.suse.com/security/cve/CVE-2018-5178/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5183 page", "url": "https://www.suse.com/security/cve/CVE-2018-5183/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5188 page", "url": "https://www.suse.com/security/cve/CVE-2018-5188/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-6126 page", "url": "https://www.suse.com/security/cve/CVE-2018-6126/" } ], "title": "Security update for MozillaFirefox", "tracking": { "current_release_date": "2018-08-10T09:36:01Z", "generator": { "date": "2018-08-10T09:36:01Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2018:2298-1", "initial_release_date": "2018-08-10T09:36:01Z", "revision_history": [ { "date": "2018-08-10T09:36:01Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "MozillaFirefox-52.9.0esr-3.7.12.aarch64", "product": { "name": "MozillaFirefox-52.9.0esr-3.7.12.aarch64", "product_id": "MozillaFirefox-52.9.0esr-3.7.12.aarch64" } }, { "category": "product_version", "name": "MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "product": { "name": "MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "product_id": "MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64" } }, { "category": "product_version", "name": "MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "product": { "name": "MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "product_id": "MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64" } }, { "category": "product_version", "name": "MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "product": { "name": "MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "product_id": "MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64" } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "product": { "name": "MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "product_id": "MozillaFirefox-52.9.0esr-3.7.12.ppc64le" } }, { "category": "product_version", "name": "MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "product": { "name": "MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "product_id": "MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le" } }, { "category": "product_version", "name": "MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "product": { "name": "MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "product_id": "MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le" } }, { "category": "product_version", "name": "MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "product": { "name": "MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "product_id": "MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "MozillaFirefox-52.9.0esr-3.7.12.s390x", "product": { "name": "MozillaFirefox-52.9.0esr-3.7.12.s390x", "product_id": "MozillaFirefox-52.9.0esr-3.7.12.s390x" } }, { "category": "product_version", "name": "MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "product": { "name": "MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "product_id": "MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x" } }, { "category": "product_version", "name": "MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "product": { "name": "MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "product_id": "MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "MozillaFirefox-52.9.0esr-3.7.12.x86_64", "product": { "name": "MozillaFirefox-52.9.0esr-3.7.12.x86_64", "product_id": "MozillaFirefox-52.9.0esr-3.7.12.x86_64" } }, { "category": "product_version", "name": "MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "product": { "name": "MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "product_id": "MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64" } }, { "category": "product_version", "name": "MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "product": { "name": "MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "product_id": "MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64" } }, { "category": "product_version", "name": "MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64", "product": { "name": "MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64", "product_id": "MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux Enterprise Module for Desktop Applications 15", "product": { "name": "SUSE Linux Enterprise Module for Desktop Applications 15", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15", "product_identification_helper": { "cpe": "cpe:/o:suse:sle-module-desktop-applications:15" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.9.0esr-3.7.12.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64" }, "product_reference": "MozillaFirefox-52.9.0esr-3.7.12.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.9.0esr-3.7.12.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le" }, "product_reference": "MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.9.0esr-3.7.12.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x" }, "product_reference": "MozillaFirefox-52.9.0esr-3.7.12.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.9.0esr-3.7.12.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64" }, "product_reference": "MozillaFirefox-52.9.0esr-3.7.12.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64" }, "product_reference": "MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le" }, "product_reference": "MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64" }, "product_reference": "MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64" }, "product_reference": "MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le" }, "product_reference": "MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x" }, "product_reference": "MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64" }, "product_reference": "MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64" }, "product_reference": "MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le" }, "product_reference": "MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x" }, "product_reference": "MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" }, "product_reference": "MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-12359", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-12359" } ], "notes": [ { "category": "general", "text": "A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundaries. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-12359", "url": "https://www.suse.com/security/cve/CVE-2018-12359" }, { "category": "external", "summary": "SUSE Bug 1098998 for CVE-2018-12359", "url": "https://bugzilla.suse.com/1098998" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-08-10T09:36:01Z", "details": "important" } ], "title": "CVE-2018-12359" }, { "cve": "CVE-2018-12360", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-12360" } ], "notes": [ { "category": "general", "text": "A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-12360", "url": "https://www.suse.com/security/cve/CVE-2018-12360" }, { "category": "external", "summary": "SUSE Bug 1098998 for CVE-2018-12360", "url": "https://bugzilla.suse.com/1098998" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-08-10T09:36:01Z", "details": "important" } ], "title": "CVE-2018-12360" }, { "cve": "CVE-2018-12362", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-12362" } ], "notes": [ { "category": "general", "text": "An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-12362", "url": "https://www.suse.com/security/cve/CVE-2018-12362" }, { "category": "external", "summary": "SUSE Bug 1098998 for CVE-2018-12362", "url": "https://bugzilla.suse.com/1098998" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-08-10T09:36:01Z", "details": "important" } ], "title": "CVE-2018-12362" }, { "cve": "CVE-2018-12363", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-12363" } ], "notes": [ { "category": "general", "text": "A use-after-free vulnerability can occur when script uses mutation events to move DOM nodes between documents, resulting in the old document that held the node being freed but the node still having a pointer referencing it. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-12363", "url": "https://www.suse.com/security/cve/CVE-2018-12363" }, { "category": "external", "summary": "SUSE Bug 1098998 for CVE-2018-12363", "url": "https://bugzilla.suse.com/1098998" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-08-10T09:36:01Z", "details": "important" } ], "title": "CVE-2018-12363" }, { "cve": "CVE-2018-12364", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-12364" } ], "notes": [ { "category": "general", "text": "NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by making a same-origin POST that does a 307 redirect to the target site. This allows for a malicious site to engage in cross-site request forgery (CSRF) attacks. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-12364", "url": "https://www.suse.com/security/cve/CVE-2018-12364" }, { "category": "external", "summary": "SUSE Bug 1098998 for CVE-2018-12364", "url": "https://bugzilla.suse.com/1098998" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-08-10T09:36:01Z", "details": "important" } ], "title": "CVE-2018-12364" }, { "cve": "CVE-2018-12365", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-12365" } ], "notes": [ { "category": "general", "text": "A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-12365", "url": "https://www.suse.com/security/cve/CVE-2018-12365" }, { "category": "external", "summary": "SUSE Bug 1098998 for CVE-2018-12365", "url": "https://bugzilla.suse.com/1098998" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-08-10T09:36:01Z", "details": "important" } ], "title": "CVE-2018-12365" }, { "cve": "CVE-2018-12366", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-12366" } ], "notes": [ { "category": "general", "text": "An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-12366", "url": "https://www.suse.com/security/cve/CVE-2018-12366" }, { "category": "external", "summary": "SUSE Bug 1098998 for CVE-2018-12366", "url": "https://bugzilla.suse.com/1098998" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-08-10T09:36:01Z", "details": "important" } ], "title": "CVE-2018-12366" }, { "cve": "CVE-2018-12368", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-12368" } ], "notes": [ { "category": "general", "text": "Windows 10 does not warn users before opening executable files with the SettingContent-ms extension even when they have been downloaded from the internet and have the \"Mark of the Web.\" Without the warning, unsuspecting users unfamiliar with this new file type might run an unwanted executable. This also allows a WebExtension with the limited downloads.open permission to execute arbitrary code without user interaction on Windows 10 systems. *Note: this issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-12368", "url": "https://www.suse.com/security/cve/CVE-2018-12368" }, { "category": "external", "summary": "SUSE Bug 1098998 for CVE-2018-12368", "url": "https://bugzilla.suse.com/1098998" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-08-10T09:36:01Z", "details": "important" } ], "title": "CVE-2018-12368" }, { "cve": "CVE-2018-5150", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5150" } ], "notes": [ { "category": "general", "text": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5150", "url": "https://www.suse.com/security/cve/CVE-2018-5150" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-08-10T09:36:01Z", "details": "important" } ], "title": "CVE-2018-5150" }, { "cve": "CVE-2018-5154", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5154" } ], "notes": [ { "category": "general", "text": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5154", "url": "https://www.suse.com/security/cve/CVE-2018-5154" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-08-10T09:36:01Z", "details": "important" } ], "title": "CVE-2018-5154" }, { "cve": "CVE-2018-5155", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5155" } ], "notes": [ { "category": "general", "text": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5155", "url": "https://www.suse.com/security/cve/CVE-2018-5155" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-08-10T09:36:01Z", "details": "important" } ], "title": "CVE-2018-5155" }, { "cve": "CVE-2018-5156", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5156" } ], "notes": [ { "category": "general", "text": "A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5156", "url": "https://www.suse.com/security/cve/CVE-2018-5156" }, { "category": "external", "summary": "SUSE Bug 1098998 for CVE-2018-5156", "url": "https://bugzilla.suse.com/1098998" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-08-10T09:36:01Z", "details": "important" } ], "title": "CVE-2018-5156" }, { "cve": "CVE-2018-5157", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5157" } ], "notes": [ { "category": "general", "text": "Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5157", "url": "https://www.suse.com/security/cve/CVE-2018-5157" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-08-10T09:36:01Z", "details": "important" } ], "title": "CVE-2018-5157" }, { "cve": "CVE-2018-5158", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5158" } ], "notes": [ { "category": "general", "text": "The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5158", "url": "https://www.suse.com/security/cve/CVE-2018-5158" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-08-10T09:36:01Z", "details": "important" } ], "title": "CVE-2018-5158" }, { "cve": "CVE-2018-5159", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5159" } ], "notes": [ { "category": "general", "text": "An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5159", "url": "https://www.suse.com/security/cve/CVE-2018-5159" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-08-10T09:36:01Z", "details": "important" } ], "title": "CVE-2018-5159" }, { "cve": "CVE-2018-5168", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5168" } ], "notes": [ { "category": "general", "text": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5168", "url": "https://www.suse.com/security/cve/CVE-2018-5168" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-08-10T09:36:01Z", "details": "important" } ], "title": "CVE-2018-5168" }, { "cve": "CVE-2018-5178", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5178" } ], "notes": [ { "category": "general", "text": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5178", "url": "https://www.suse.com/security/cve/CVE-2018-5178" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-08-10T09:36:01Z", "details": "important" } ], "title": "CVE-2018-5178" }, { "cve": "CVE-2018-5183", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5183" } ], "notes": [ { "category": "general", "text": "Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5183", "url": "https://www.suse.com/security/cve/CVE-2018-5183" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-08-10T09:36:01Z", "details": "important" } ], "title": "CVE-2018-5183" }, { "cve": "CVE-2018-5188", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5188" } ], "notes": [ { "category": "general", "text": "Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5188", "url": "https://www.suse.com/security/cve/CVE-2018-5188" }, { "category": "external", "summary": "SUSE Bug 1098998 for CVE-2018-5188", "url": "https://bugzilla.suse.com/1098998" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-08-10T09:36:01Z", "details": "important" } ], "title": "CVE-2018-5188" }, { "cve": "CVE-2018-6126", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-6126" } ], "notes": [ { "category": "general", "text": "A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-6126", "url": "https://www.suse.com/security/cve/CVE-2018-6126" }, { "category": "external", "summary": "SUSE Bug 1095163 for CVE-2018-6126", "url": "https://bugzilla.suse.com/1095163" }, { "category": "external", "summary": "SUSE Bug 1096449 for CVE-2018-6126", "url": "https://bugzilla.suse.com/1096449" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-08-10T09:36:01Z", "details": "important" } ], "title": "CVE-2018-6126" } ] }
suse-su-2018:1319-1
Vulnerability from csaf_suse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for MozillaFirefox", "title": "Title of the patch" }, { "category": "description", "text": "\nThis update for MozillaFirefox to ESR 52.8 release fixes the following issues:\n\nUpdate to Firefox ESR 52.8 (bsc#1092548)\n\nSecurity issues fixed:\n\n- MFSA 2018-12/CVE-2018-5159: Integer overflow and out-of-bounds write in Skia\n- MFSA 2018-12/CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer\n- MFSA 2018-12/CVE-2018-5168: Lightweight themes can be installed without user interaction\n- MFSA 2018-12/CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8\n- MFSA 2018-12/CVE-2018-5155: Use-after-free with SVG animations and text paths\n- MFSA 2018-12/CVE-2018-5183: Backport critical security fixes in Skia\n- MFSA 2018-12/CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files\n- MFSA 2018-12/CVE-2018-5154: Use-after-free with SVG animations and clip paths\n- MFSA 2018-12/CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension\n", "title": "Description of the patch" }, { "category": "details", "text": "sdksp4-MozillaFirefox-13605,sleposp3-MozillaFirefox-13605,slessp3-MozillaFirefox-13605,slessp4-MozillaFirefox-13605", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1319-1.json" }, { "category": "self", "summary": "URL for SUSE-SU-2018:1319-1", "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181319-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2018:1319-1", "url": "https://lists.suse.com/pipermail/sle-security-updates/2018-May/004056.html" }, { "category": "self", "summary": "SUSE Bug 1092548", "url": "https://bugzilla.suse.com/1092548" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5150 page", "url": "https://www.suse.com/security/cve/CVE-2018-5150/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5154 page", "url": "https://www.suse.com/security/cve/CVE-2018-5154/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5155 page", "url": "https://www.suse.com/security/cve/CVE-2018-5155/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5157 page", "url": "https://www.suse.com/security/cve/CVE-2018-5157/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5158 page", "url": "https://www.suse.com/security/cve/CVE-2018-5158/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5159 page", "url": "https://www.suse.com/security/cve/CVE-2018-5159/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5168 page", "url": "https://www.suse.com/security/cve/CVE-2018-5168/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5174 page", "url": "https://www.suse.com/security/cve/CVE-2018-5174/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5178 page", "url": "https://www.suse.com/security/cve/CVE-2018-5178/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5183 page", "url": "https://www.suse.com/security/cve/CVE-2018-5183/" } ], "title": "Security update for MozillaFirefox", "tracking": { "current_release_date": "2018-05-16T19:36:01Z", "generator": { "date": "2018-05-16T19:36:01Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2018:1319-1", "initial_release_date": "2018-05-16T19:36:01Z", "revision_history": [ { "date": "2018-05-16T19:36:01Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "product": { "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "product_id": "MozillaFirefox-devel-52.8.0esr-72.32.1.i586" } }, { "category": "product_version", "name": "MozillaFirefox-52.8.0esr-72.32.1.i586", "product": { "name": "MozillaFirefox-52.8.0esr-72.32.1.i586", "product_id": "MozillaFirefox-52.8.0esr-72.32.1.i586" } }, { "category": "product_version", "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "product": { "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "product_id": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586" } } ], "category": "architecture", "name": "i586" }, { "branches": [ { "category": "product_version", "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "product": { "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "product_id": "MozillaFirefox-devel-52.8.0esr-72.32.1.ia64" } }, { "category": "product_version", "name": "MozillaFirefox-52.8.0esr-72.32.1.ia64", "product": { "name": "MozillaFirefox-52.8.0esr-72.32.1.ia64", "product_id": "MozillaFirefox-52.8.0esr-72.32.1.ia64" } }, { "category": "product_version", "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "product": { "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "product_id": "MozillaFirefox-translations-52.8.0esr-72.32.1.ia64" } } ], "category": "architecture", "name": "ia64" }, { "branches": [ { "category": "product_version", "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "product": { "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "product_id": "MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64" } }, { "category": "product_version", "name": "MozillaFirefox-52.8.0esr-72.32.1.ppc64", "product": { "name": "MozillaFirefox-52.8.0esr-72.32.1.ppc64", "product_id": "MozillaFirefox-52.8.0esr-72.32.1.ppc64" } }, { "category": "product_version", "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "product": { "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "product_id": "MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64" } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "product": { "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "product_id": "MozillaFirefox-devel-52.8.0esr-72.32.1.s390x" } }, { "category": "product_version", "name": "MozillaFirefox-52.8.0esr-72.32.1.s390x", "product": { "name": "MozillaFirefox-52.8.0esr-72.32.1.s390x", "product_id": "MozillaFirefox-52.8.0esr-72.32.1.s390x" } }, { "category": "product_version", "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "product": { "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "product_id": "MozillaFirefox-translations-52.8.0esr-72.32.1.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64", "product": { "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64", "product_id": "MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" } }, { "category": "product_version", "name": "MozillaFirefox-52.8.0esr-72.32.1.x86_64", "product": { "name": "MozillaFirefox-52.8.0esr-72.32.1.x86_64", "product_id": "MozillaFirefox-52.8.0esr-72.32.1.x86_64" } }, { "category": "product_version", "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "product": { "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "product_id": "MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux Enterprise Software Development Kit 11 SP4", "product": { "name": "SUSE Linux Enterprise Software Development Kit 11 SP4", "product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4", "product_identification_helper": { "cpe": "cpe:/a:suse:sle-sdk:11:sp4" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Point of Sale 11 SP3", "product": { "name": "SUSE Linux Enterprise Point of Sale 11 SP3", "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3", "product_identification_helper": { "cpe": "cpe:/o:suse:sle-pos:11:sp3" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 11 SP3-LTSS", "product": { "name": "SUSE Linux Enterprise Server 11 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_sles_ltss:11:sp3" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 11 SP3-TERADATA", "product": { "name": "SUSE Linux Enterprise Server 11 SP3-TERADATA", "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA", "product_identification_helper": { "cpe": "cpe:/o:suse:sles:11:sp3:teradata" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 11 SP4", "product": { "name": "SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_sles:11:sp4" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:11:sp4" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4", "product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4", "product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4", "product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4", "product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4", "product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" }, "product_reference": "MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-72.32.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586" }, "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-72.32.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586" }, "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-72.32.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x" }, "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-72.32.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64" }, "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-72.32.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586" }, "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-72.32.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x" }, "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-72.32.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64" }, "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-72.32.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586" }, "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-72.32.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64" }, "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.ia64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-72.32.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64" }, "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-72.32.1.s390x as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x" }, "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-72.32.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64" }, "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.s390x as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", "product_id": "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-72.32.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586" }, "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-72.32.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64" }, "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.ia64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-72.32.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64" }, "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-72.32.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x" }, "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-52.8.0esr-72.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64" }, "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64" }, "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-5150", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5150" } ], "notes": [ { "category": "general", "text": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5150", "url": "https://www.suse.com/security/cve/CVE-2018-5150" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-05-16T19:36:01Z", "details": "important" } ], "title": "CVE-2018-5150" }, { "cve": "CVE-2018-5154", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5154" } ], "notes": [ { "category": "general", "text": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5154", "url": "https://www.suse.com/security/cve/CVE-2018-5154" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-05-16T19:36:01Z", "details": "important" } ], "title": "CVE-2018-5154" }, { "cve": "CVE-2018-5155", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5155" } ], "notes": [ { "category": "general", "text": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5155", "url": "https://www.suse.com/security/cve/CVE-2018-5155" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-05-16T19:36:01Z", "details": "important" } ], "title": "CVE-2018-5155" }, { "cve": "CVE-2018-5157", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5157" } ], "notes": [ { "category": "general", "text": "Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5157", "url": "https://www.suse.com/security/cve/CVE-2018-5157" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-05-16T19:36:01Z", "details": "important" } ], "title": "CVE-2018-5157" }, { "cve": "CVE-2018-5158", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5158" } ], "notes": [ { "category": "general", "text": "The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5158", "url": "https://www.suse.com/security/cve/CVE-2018-5158" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-05-16T19:36:01Z", "details": "important" } ], "title": "CVE-2018-5158" }, { "cve": "CVE-2018-5159", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5159" } ], "notes": [ { "category": "general", "text": "An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5159", "url": "https://www.suse.com/security/cve/CVE-2018-5159" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-05-16T19:36:01Z", "details": "important" } ], "title": "CVE-2018-5159" }, { "cve": "CVE-2018-5168", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5168" } ], "notes": [ { "category": "general", "text": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5168", "url": "https://www.suse.com/security/cve/CVE-2018-5168" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-05-16T19:36:01Z", "details": "important" } ], "title": "CVE-2018-5168" }, { "cve": "CVE-2018-5174", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5174" } ], "notes": [ { "category": "general", "text": "In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the \"SEE_MASK_FLAG_NO_UI\" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user for a decision, and if the user is offline all files will be allowed to be opened because Windows won\u0027t prompt the user to ask what to do. Firefox incorrectly sets this flag when downloading files, leading to less secure behavior from SmartScreen. Note: this issue only affects Windows 10 users running the April 2018 update or later. It does not affect other Windows users or other operating systems. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5174", "url": "https://www.suse.com/security/cve/CVE-2018-5174" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-05-16T19:36:01Z", "details": "important" } ], "title": "CVE-2018-5174" }, { "cve": "CVE-2018-5178", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5178" } ], "notes": [ { "category": "general", "text": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5178", "url": "https://www.suse.com/security/cve/CVE-2018-5178" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-05-16T19:36:01Z", "details": "important" } ], "title": "CVE-2018-5178" }, { "cve": "CVE-2018-5183", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5183" } ], "notes": [ { "category": "general", "text": "Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5183", "url": "https://www.suse.com/security/cve/CVE-2018-5183" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-05-16T19:36:01Z", "details": "important" } ], "title": "CVE-2018-5183" } ] }
suse-su-2019:2872-1
Vulnerability from csaf_suse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for MozillaFirefox", "title": "Title of the patch" }, { "category": "description", "text": "This update for MozillaFirefox to 68.2.0 ESR fixes the following issues:\n\nMozilla Firefox was updated to version 68.2.0 ESR (bsc#1154738).\n\nSecurity issues fixed:\n\n- CVE-2019-15903: Fixed a heap overflow in the expat library (bsc#1149429).\n- CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB (bsc#1154738).\n- CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total Security (bsc#1154738).\n- CVE-2019-11759: Fixed a stack buffer overflow in HKDF output (bsc#1154738).\n- CVE-2019-11760: Fixed a stack buffer overflow in WebRTC networking (bsc#1154738).\n- CVE-2019-11761: Fixed an unintended access to a privileged JSONView object (bsc#1154738).\n- CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738).\n- CVE-2019-11763: Fixed an XSS bypass (bsc#1154738).\n- CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738).\n\nNon-security issues fixed:\n\n- Firefox 60.7 ESR changed the user interface language (bsc#1137990).\n- Wrong Firefox GUI Language (bsc#1120374).\n- Fixed an inadvertent crash report transmission without user opt-in (bsc#1074235).\n- Firefox hangs randomly when browsing and scrolling (bsc#1043008).\n- Firefox stops loading page until mouse is moved (bsc#1025108).\n", "title": "Description of the patch" }, { "category": "details", "text": "HPE-Helion-OpenStack-8-2019-2872,SUSE-2019-2872,SUSE-OpenStack-Cloud-7-2019-2872,SUSE-OpenStack-Cloud-8-2019-2872,SUSE-OpenStack-Cloud-Crowbar-8-2019-2872,SUSE-SLE-DESKTOP-12-SP4-2019-2872,SUSE-SLE-SAP-12-SP1-2019-2872,SUSE-SLE-SAP-12-SP2-2019-2872,SUSE-SLE-SAP-12-SP3-2019-2872,SUSE-SLE-SDK-12-SP4-2019-2872,SUSE-SLE-SDK-12-SP5-2019-2872,SUSE-SLE-SERVER-12-SP1-2019-2872,SUSE-SLE-SERVER-12-SP2-2019-2872,SUSE-SLE-SERVER-12-SP2-BCL-2019-2872,SUSE-SLE-SERVER-12-SP3-2019-2872,SUSE-SLE-SERVER-12-SP3-BCL-2019-2872,SUSE-SLE-SERVER-12-SP4-2019-2872,SUSE-SLE-SERVER-12-SP5-2019-2872,SUSE-Storage-5-2019-2872", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_2872-1.json" }, { "category": "self", "summary": "URL for SUSE-SU-2019:2872-1", "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192872-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2019:2872-1", "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192872-1.html" }, { "category": "self", "summary": "SUSE Bug 1010399", "url": "https://bugzilla.suse.com/1010399" }, { "category": "self", "summary": "SUSE Bug 1010405", "url": "https://bugzilla.suse.com/1010405" }, { "category": "self", "summary": "SUSE Bug 1010406", "url": "https://bugzilla.suse.com/1010406" }, { "category": "self", "summary": "SUSE Bug 1010408", "url": "https://bugzilla.suse.com/1010408" }, { "category": "self", "summary": "SUSE Bug 1010409", "url": "https://bugzilla.suse.com/1010409" }, { "category": "self", "summary": "SUSE Bug 1010421", "url": "https://bugzilla.suse.com/1010421" }, { "category": "self", "summary": "SUSE Bug 1010423", "url": "https://bugzilla.suse.com/1010423" }, { "category": "self", "summary": "SUSE Bug 1010424", "url": "https://bugzilla.suse.com/1010424" }, { "category": "self", "summary": "SUSE Bug 1010425", "url": "https://bugzilla.suse.com/1010425" }, { "category": "self", "summary": "SUSE Bug 1010426", "url": "https://bugzilla.suse.com/1010426" }, { "category": "self", "summary": "SUSE Bug 1025108", "url": "https://bugzilla.suse.com/1025108" }, { "category": "self", "summary": "SUSE Bug 1043008", "url": "https://bugzilla.suse.com/1043008" }, { "category": "self", "summary": "SUSE Bug 1047281", "url": "https://bugzilla.suse.com/1047281" }, { "category": "self", "summary": "SUSE Bug 1074235", "url": "https://bugzilla.suse.com/1074235" }, { "category": "self", "summary": "SUSE Bug 1092611", "url": "https://bugzilla.suse.com/1092611" }, { "category": "self", "summary": "SUSE Bug 1120374", "url": "https://bugzilla.suse.com/1120374" }, { "category": "self", "summary": "SUSE Bug 1137990", "url": "https://bugzilla.suse.com/1137990" }, { "category": "self", "summary": "SUSE Bug 1149429", "url": "https://bugzilla.suse.com/1149429" }, { "category": "self", "summary": "SUSE Bug 1154738", "url": "https://bugzilla.suse.com/1154738" }, { "category": "self", "summary": "SUSE Bug 959933", "url": "https://bugzilla.suse.com/959933" }, { "category": "self", "summary": "SUSE Bug 983922", "url": "https://bugzilla.suse.com/983922" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2830 page", "url": "https://www.suse.com/security/cve/CVE-2016-2830/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5289 page", "url": "https://www.suse.com/security/cve/CVE-2016-5289/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5292 page", "url": "https://www.suse.com/security/cve/CVE-2016-5292/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9063 page", "url": "https://www.suse.com/security/cve/CVE-2016-9063/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9067 page", "url": "https://www.suse.com/security/cve/CVE-2016-9067/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9068 page", "url": "https://www.suse.com/security/cve/CVE-2016-9068/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9069 page", "url": "https://www.suse.com/security/cve/CVE-2016-9069/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9071 page", "url": "https://www.suse.com/security/cve/CVE-2016-9071/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9073 page", "url": "https://www.suse.com/security/cve/CVE-2016-9073/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9075 page", "url": "https://www.suse.com/security/cve/CVE-2016-9075/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9076 page", "url": "https://www.suse.com/security/cve/CVE-2016-9076/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9077 page", "url": "https://www.suse.com/security/cve/CVE-2016-9077/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7789 page", "url": "https://www.suse.com/security/cve/CVE-2017-7789/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5150 page", "url": "https://www.suse.com/security/cve/CVE-2018-5150/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5151 page", "url": "https://www.suse.com/security/cve/CVE-2018-5151/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5152 page", "url": "https://www.suse.com/security/cve/CVE-2018-5152/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5153 page", "url": "https://www.suse.com/security/cve/CVE-2018-5153/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5154 page", "url": "https://www.suse.com/security/cve/CVE-2018-5154/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5155 page", "url": "https://www.suse.com/security/cve/CVE-2018-5155/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5157 page", "url": "https://www.suse.com/security/cve/CVE-2018-5157/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5158 page", "url": "https://www.suse.com/security/cve/CVE-2018-5158/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5159 page", "url": "https://www.suse.com/security/cve/CVE-2018-5159/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5160 page", "url": "https://www.suse.com/security/cve/CVE-2018-5160/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5163 page", "url": "https://www.suse.com/security/cve/CVE-2018-5163/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5164 page", "url": "https://www.suse.com/security/cve/CVE-2018-5164/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5165 page", "url": "https://www.suse.com/security/cve/CVE-2018-5165/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5166 page", "url": "https://www.suse.com/security/cve/CVE-2018-5166/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5167 page", "url": "https://www.suse.com/security/cve/CVE-2018-5167/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5168 page", "url": "https://www.suse.com/security/cve/CVE-2018-5168/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5169 page", "url": "https://www.suse.com/security/cve/CVE-2018-5169/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5172 page", "url": "https://www.suse.com/security/cve/CVE-2018-5172/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5173 page", "url": "https://www.suse.com/security/cve/CVE-2018-5173/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5174 page", "url": "https://www.suse.com/security/cve/CVE-2018-5174/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5175 page", "url": "https://www.suse.com/security/cve/CVE-2018-5175/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5176 page", "url": "https://www.suse.com/security/cve/CVE-2018-5176/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5177 page", "url": "https://www.suse.com/security/cve/CVE-2018-5177/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5178 page", "url": "https://www.suse.com/security/cve/CVE-2018-5178/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5179 page", "url": "https://www.suse.com/security/cve/CVE-2018-5179/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5180 page", "url": "https://www.suse.com/security/cve/CVE-2018-5180/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5181 page", "url": "https://www.suse.com/security/cve/CVE-2018-5181/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5182 page", "url": "https://www.suse.com/security/cve/CVE-2018-5182/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5183 page", "url": "https://www.suse.com/security/cve/CVE-2018-5183/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11757 page", "url": "https://www.suse.com/security/cve/CVE-2019-11757/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11758 page", "url": "https://www.suse.com/security/cve/CVE-2019-11758/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11759 page", "url": "https://www.suse.com/security/cve/CVE-2019-11759/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11760 page", "url": "https://www.suse.com/security/cve/CVE-2019-11760/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11761 page", "url": "https://www.suse.com/security/cve/CVE-2019-11761/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11762 page", "url": "https://www.suse.com/security/cve/CVE-2019-11762/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11763 page", "url": "https://www.suse.com/security/cve/CVE-2019-11763/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11764 page", "url": "https://www.suse.com/security/cve/CVE-2019-11764/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-15903 page", "url": "https://www.suse.com/security/cve/CVE-2019-15903/" } ], "title": "Security update for MozillaFirefox", "tracking": { "current_release_date": "2019-10-31T07:53:30Z", "generator": { "date": "2019-10-31T07:53:30Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2019:2872-1", "initial_release_date": "2019-10-31T07:53:30Z", "revision_history": [ { "date": "2019-10-31T07:53:30Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "MozillaFirefox-68.2.0-109.95.2.aarch64", "product": { "name": "MozillaFirefox-68.2.0-109.95.2.aarch64", "product_id": "MozillaFirefox-68.2.0-109.95.2.aarch64" } }, { "category": "product_version", "name": "MozillaFirefox-branding-upstream-68.2.0-109.95.2.aarch64", "product": { "name": "MozillaFirefox-branding-upstream-68.2.0-109.95.2.aarch64", "product_id": "MozillaFirefox-branding-upstream-68.2.0-109.95.2.aarch64" } }, { "category": "product_version", "name": "MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "product": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "product_id": "MozillaFirefox-devel-68.2.0-109.95.2.aarch64" } }, { "category": "product_version", "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "product": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "product_id": "MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64" } }, { "category": "product_version", "name": "MozillaFirefox-translations-other-68.2.0-109.95.2.aarch64", "product": { "name": "MozillaFirefox-translations-other-68.2.0-109.95.2.aarch64", "product_id": "MozillaFirefox-translations-other-68.2.0-109.95.2.aarch64" } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "MozillaFirefox-68.2.0-109.95.2.ppc64le", "product": { "name": "MozillaFirefox-68.2.0-109.95.2.ppc64le", "product_id": "MozillaFirefox-68.2.0-109.95.2.ppc64le" } }, { "category": "product_version", "name": "MozillaFirefox-branding-upstream-68.2.0-109.95.2.ppc64le", "product": { "name": "MozillaFirefox-branding-upstream-68.2.0-109.95.2.ppc64le", "product_id": "MozillaFirefox-branding-upstream-68.2.0-109.95.2.ppc64le" } }, { "category": "product_version", "name": "MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "product": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "product_id": "MozillaFirefox-devel-68.2.0-109.95.2.ppc64le" } }, { "category": "product_version", "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "product": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "product_id": "MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le" } }, { "category": "product_version", "name": "MozillaFirefox-translations-other-68.2.0-109.95.2.ppc64le", "product": { "name": "MozillaFirefox-translations-other-68.2.0-109.95.2.ppc64le", "product_id": "MozillaFirefox-translations-other-68.2.0-109.95.2.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "MozillaFirefox-68.2.0-109.95.2.s390x", "product": { "name": "MozillaFirefox-68.2.0-109.95.2.s390x", "product_id": "MozillaFirefox-68.2.0-109.95.2.s390x" } }, { "category": "product_version", "name": "MozillaFirefox-branding-upstream-68.2.0-109.95.2.s390x", "product": { "name": "MozillaFirefox-branding-upstream-68.2.0-109.95.2.s390x", "product_id": "MozillaFirefox-branding-upstream-68.2.0-109.95.2.s390x" } }, { "category": "product_version", "name": "MozillaFirefox-devel-68.2.0-109.95.2.s390x", "product": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.s390x", "product_id": "MozillaFirefox-devel-68.2.0-109.95.2.s390x" } }, { "category": "product_version", "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "product": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "product_id": "MozillaFirefox-translations-common-68.2.0-109.95.2.s390x" } }, { "category": "product_version", "name": "MozillaFirefox-translations-other-68.2.0-109.95.2.s390x", "product": { "name": "MozillaFirefox-translations-other-68.2.0-109.95.2.s390x", "product_id": "MozillaFirefox-translations-other-68.2.0-109.95.2.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "MozillaFirefox-68.2.0-109.95.2.x86_64", "product": { "name": "MozillaFirefox-68.2.0-109.95.2.x86_64", "product_id": "MozillaFirefox-68.2.0-109.95.2.x86_64" } }, { "category": "product_version", "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "product": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "product_id": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" } }, { "category": "product_version", "name": "MozillaFirefox-branding-upstream-68.2.0-109.95.2.x86_64", "product": { "name": "MozillaFirefox-branding-upstream-68.2.0-109.95.2.x86_64", "product_id": "MozillaFirefox-branding-upstream-68.2.0-109.95.2.x86_64" } }, { "category": "product_version", "name": "MozillaFirefox-buildsymbols-68.2.0-109.95.2.x86_64", "product": { "name": "MozillaFirefox-buildsymbols-68.2.0-109.95.2.x86_64", "product_id": "MozillaFirefox-buildsymbols-68.2.0-109.95.2.x86_64" } }, { "category": "product_version", "name": "MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "product": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "product_id": "MozillaFirefox-devel-68.2.0-109.95.2.x86_64" } }, { "category": "product_version", "name": "MozillaFirefox-translations-other-68.2.0-109.95.2.x86_64", "product": { "name": "MozillaFirefox-translations-other-68.2.0-109.95.2.x86_64", "product_id": "MozillaFirefox-translations-other-68.2.0-109.95.2.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "HPE Helion OpenStack 8", "product": { "name": "HPE Helion OpenStack 8", "product_id": "HPE Helion OpenStack 8", "product_identification_helper": { "cpe": "cpe:/o:suse:hpe-helion-openstack:8" } } }, { "category": "product_name", "name": "SUSE OpenStack Cloud 7", "product": { "name": "SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-openstack-cloud:7" } } }, { "category": "product_name", "name": "SUSE OpenStack Cloud 8", "product": { "name": "SUSE OpenStack Cloud 8", "product_id": "SUSE OpenStack Cloud 8", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-openstack-cloud:8" } } }, { "category": "product_name", "name": "SUSE OpenStack Cloud Crowbar 8", "product": { "name": "SUSE OpenStack Cloud Crowbar 8", "product_id": "SUSE OpenStack Cloud Crowbar 8", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:8" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Desktop 12 SP4", "product": { "name": "SUSE Linux Enterprise Desktop 12 SP4", "product_id": "SUSE Linux Enterprise Desktop 12 SP4", "product_identification_helper": { "cpe": "cpe:/o:suse:sled:12:sp4" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:12:sp1" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:12:sp2" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:12:sp3" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Software Development Kit 12 SP4", "product": { "name": "SUSE Linux Enterprise Software Development Kit 12 SP4", "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP4", "product_identification_helper": { "cpe": "cpe:/o:suse:sle-sdk:12:sp4" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Software Development Kit 12 SP5", "product": { "name": "SUSE Linux Enterprise Software Development Kit 12 SP5", "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5", "product_identification_helper": { "cpe": "cpe:/o:suse:sle-sdk:12:sp5" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 12 SP1-LTSS", "product": { "name": "SUSE Linux Enterprise Server 12 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sles-ltss:12:sp1" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 12 SP2-LTSS", "product": { "name": "SUSE Linux Enterprise Server 12 SP2-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sles-ltss:12:sp2" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 12 SP2-BCL", "product": { "name": "SUSE Linux Enterprise Server 12 SP2-BCL", "product_id": "SUSE Linux Enterprise Server 12 SP2-BCL", "product_identification_helper": { "cpe": "cpe:/o:suse:sles-bcl:12:sp2" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 12 SP3-LTSS", "product": { "name": "SUSE Linux Enterprise Server 12 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sles-ltss:12:sp3" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 12 SP3-BCL", "product": { "name": "SUSE Linux Enterprise Server 12 SP3-BCL", "product_id": "SUSE Linux Enterprise Server 12 SP3-BCL", "product_identification_helper": { "cpe": "cpe:/o:suse:sles-bcl:12:sp3" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 12 SP4", "product": { "name": "SUSE Linux Enterprise Server 12 SP4", "product_id": "SUSE Linux Enterprise Server 12 SP4", "product_identification_helper": { "cpe": "cpe:/o:suse:sles:12:sp4" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:12:sp4" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 12 SP5", "product": { "name": "SUSE Linux Enterprise Server 12 SP5", "product_id": "SUSE Linux Enterprise Server 12 SP5", "product_identification_helper": { "cpe": "cpe:/o:suse:sles:12:sp5" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:12:sp5" } } }, { "category": "product_name", "name": "SUSE Enterprise Storage 5", "product": { "name": "SUSE Enterprise Storage 5", "product_id": "SUSE Enterprise Storage 5", "product_identification_helper": { "cpe": "cpe:/o:suse:ses:5" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.x86_64 as component of HPE Helion OpenStack 8", "product_id": "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "HPE Helion OpenStack 8" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64 as component of HPE Helion OpenStack 8", "product_id": "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "HPE Helion OpenStack 8" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.s390x as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.s390x", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.x86_64 as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.s390x as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x" }, "product_reference": "MozillaFirefox-devel-68.2.0-109.95.2.s390x", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.x86_64 as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.s390x as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64 as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.x86_64 as component of SUSE OpenStack Cloud 8", "product_id": "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE OpenStack Cloud 8" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64 as component of SUSE OpenStack Cloud 8", "product_id": "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE OpenStack Cloud 8" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", "product_id": "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", "product_id": "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4", "product_id": "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4", "product_id": "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP4", "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64" }, "product_reference": "MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP4", "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP4", "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x" }, "product_reference": "MozillaFirefox-devel-68.2.0-109.95.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP4", "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5", "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64" }, "product_reference": "MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5", "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5", "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x" }, "product_reference": "MozillaFirefox-devel-68.2.0-109.95.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5", "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x" }, "product_reference": "MozillaFirefox-devel-68.2.0-109.95.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x" }, "product_reference": "MozillaFirefox-devel-68.2.0-109.95.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", "product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-devel-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", "product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", "product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", "product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", "product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP4", "product_id": "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP4", "product_id": "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.s390x as component of SUSE Linux Enterprise Server 12 SP4", "product_id": "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP4", "product_id": "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP4", "product_id": "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP4", "product_id": "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.s390x as component of SUSE Linux Enterprise Server 12 SP4", "product_id": "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP4", "product_id": "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP5", "product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP5", "product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.s390x as component of SUSE Linux Enterprise Server 12 SP5", "product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", "product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP5", "product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP5", "product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.s390x as component of SUSE Linux Enterprise Server 12 SP5", "product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", "product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.aarch64 as component of SUSE Enterprise Storage 5", "product_id": "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.aarch64", "relates_to_product_reference": "SUSE Enterprise Storage 5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-68.2.0-109.95.2.x86_64 as component of SUSE Enterprise Storage 5", "product_id": "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Enterprise Storage 5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64 as component of SUSE Enterprise Storage 5", "product_id": "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "relates_to_product_reference": "SUSE Enterprise Storage 5" }, { "category": "default_component_of", "full_product_name": { "name": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64 as component of SUSE Enterprise Storage 5", "product_id": "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" }, "product_reference": "MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "relates_to_product_reference": "SUSE Enterprise Storage 5" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-2830", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-2830" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve the network connection used for favicon resource retrieval after the associated browser window is closed, which makes it easier for remote web servers to track users by observing network traffic from multiple IP addresses.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-2830", "url": "https://www.suse.com/security/cve/CVE-2016-2830" }, { "category": "external", "summary": "SUSE Bug 983922 for CVE-2016-2830", "url": "https://bugzilla.suse.com/983922" }, { "category": "external", "summary": "SUSE Bug 991809 for CVE-2016-2830", "url": "https://bugzilla.suse.com/991809" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "moderate" } ], "title": "CVE-2016-2830" }, { "cve": "CVE-2016-5289", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-5289" } ], "notes": [ { "category": "general", "text": "Memory safety bugs were reported in Firefox 49. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 50.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-5289", "url": "https://www.suse.com/security/cve/CVE-2016-5289" }, { "category": "external", "summary": "SUSE Bug 1009026 for CVE-2016-5289", "url": "https://bugzilla.suse.com/1009026" }, { "category": "external", "summary": "SUSE Bug 1010426 for CVE-2016-5289", "url": "https://bugzilla.suse.com/1010426" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2016-5289" }, { "cve": "CVE-2016-5292", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-5292" } ], "notes": [ { "category": "general", "text": "During URL parsing, a maliciously crafted URL can cause a potentially exploitable crash. This vulnerability affects Firefox \u003c 50.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-5292", "url": "https://www.suse.com/security/cve/CVE-2016-5292" }, { "category": "external", "summary": "SUSE Bug 1009026 for CVE-2016-5292", "url": "https://bugzilla.suse.com/1009026" }, { "category": "external", "summary": "SUSE Bug 1010399 for CVE-2016-5292", "url": "https://bugzilla.suse.com/1010399" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "moderate" } ], "title": "CVE-2016-5292" }, { "cve": "CVE-2016-9063", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-9063" } ], "notes": [ { "category": "general", "text": "An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox \u003c 50.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-9063", "url": "https://www.suse.com/security/cve/CVE-2016-9063" }, { "category": "external", "summary": "SUSE Bug 1009026 for CVE-2016-9063", "url": "https://bugzilla.suse.com/1009026" }, { "category": "external", "summary": "SUSE Bug 1010424 for CVE-2016-9063", "url": "https://bugzilla.suse.com/1010424" }, { "category": "external", "summary": "SUSE Bug 1047240 for CVE-2016-9063", "url": "https://bugzilla.suse.com/1047240" }, { "category": "external", "summary": "SUSE Bug 1123115 for CVE-2016-9063", "url": "https://bugzilla.suse.com/1123115" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "critical" } ], "title": "CVE-2016-9063" }, { "cve": "CVE-2016-9067", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-9067" } ], "notes": [ { "category": "general", "text": "Two use-after-free errors during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox \u003c 50.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-9067", "url": "https://www.suse.com/security/cve/CVE-2016-9067" }, { "category": "external", "summary": "SUSE Bug 1009026 for CVE-2016-9067", "url": "https://bugzilla.suse.com/1009026" }, { "category": "external", "summary": "SUSE Bug 1010405 for CVE-2016-9067", "url": "https://bugzilla.suse.com/1010405" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "moderate" } ], "title": "CVE-2016-9067" }, { "cve": "CVE-2016-9068", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-9068" } ], "notes": [ { "category": "general", "text": "A use-after-free during web animations when working with timelines resulting in a potentially exploitable crash. This vulnerability affects Firefox \u003c 50.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-9068", "url": "https://www.suse.com/security/cve/CVE-2016-9068" }, { "category": "external", "summary": "SUSE Bug 1009026 for CVE-2016-9068", "url": "https://bugzilla.suse.com/1009026" }, { "category": "external", "summary": "SUSE Bug 1010406 for CVE-2016-9068", "url": "https://bugzilla.suse.com/1010406" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2016-9068" }, { "cve": "CVE-2016-9069", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-9069" } ], "notes": [ { "category": "general", "text": "A use-after-free in nsINode::ReplaceOrInsertBefore during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox \u003c 50.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-9069", "url": "https://www.suse.com/security/cve/CVE-2016-9069" }, { "category": "external", "summary": "SUSE Bug 1009026 for CVE-2016-9069", "url": "https://bugzilla.suse.com/1009026" }, { "category": "external", "summary": "SUSE Bug 1010405 for CVE-2016-9069", "url": "https://bugzilla.suse.com/1010405" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "moderate" } ], "title": "CVE-2016-9069" }, { "cve": "CVE-2016-9071", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-9071" } ], "notes": [ { "category": "general", "text": "Content Security Policy combined with HTTP to HTTPS redirection can be used by malicious server to verify whether a known site is within a user\u0027s browser history. This vulnerability affects Firefox \u003c 50.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-9071", "url": "https://www.suse.com/security/cve/CVE-2016-9071" }, { "category": "external", "summary": "SUSE Bug 1009026 for CVE-2016-9071", "url": "https://bugzilla.suse.com/1009026" }, { "category": "external", "summary": "SUSE Bug 1010425 for CVE-2016-9071", "url": "https://bugzilla.suse.com/1010425" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "low" } ], "title": "CVE-2016-9071" }, { "cve": "CVE-2016-9073", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-9073" } ], "notes": [ { "category": "general", "text": "WebExtensions can bypass security checks to load privileged URLs and potentially escape the WebExtension sandbox. This vulnerability affects Firefox \u003c 50.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-9073", "url": "https://www.suse.com/security/cve/CVE-2016-9073" }, { "category": "external", "summary": "SUSE Bug 1009026 for CVE-2016-9073", "url": "https://bugzilla.suse.com/1009026" }, { "category": "external", "summary": "SUSE Bug 1010421 for CVE-2016-9073", "url": "https://bugzilla.suse.com/1010421" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "low" } ], "title": "CVE-2016-9073" }, { "cve": "CVE-2016-9075", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-9075" } ], "notes": [ { "category": "general", "text": "An issue where WebExtensions can use the mozAddonManager API to elevate privilege due to privileged pages being allowed in the permissions list. This allows a malicious extension to then install additional extensions without explicit user permission. This vulnerability affects Firefox \u003c 50.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-9075", "url": "https://www.suse.com/security/cve/CVE-2016-9075" }, { "category": "external", "summary": "SUSE Bug 1009026 for CVE-2016-9075", "url": "https://bugzilla.suse.com/1009026" }, { "category": "external", "summary": "SUSE Bug 1010408 for CVE-2016-9075", "url": "https://bugzilla.suse.com/1010408" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "moderate" } ], "title": "CVE-2016-9075" }, { "cve": "CVE-2016-9076", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-9076" } ], "notes": [ { "category": "general", "text": "An issue where a \"\u003cselect\u003e\" dropdown menu can be used to cover location bar content, resulting in potential spoofing attacks. This attack requires e10s to be enabled in order to function. This vulnerability affects Firefox \u003c 50.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-9076", "url": "https://www.suse.com/security/cve/CVE-2016-9076" }, { "category": "external", "summary": "SUSE Bug 1009026 for CVE-2016-9076", "url": "https://bugzilla.suse.com/1009026" }, { "category": "external", "summary": "SUSE Bug 1010423 for CVE-2016-9076", "url": "https://bugzilla.suse.com/1010423" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "moderate" } ], "title": "CVE-2016-9076" }, { "cve": "CVE-2016-9077", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2016-9077" } ], "notes": [ { "category": "general", "text": "Canvas allows the use of the \"feDisplacementMap\" filter on images loaded cross-origin. The rendering by the filter is variable depending on the input pixel, allowing for timing attacks when the images are loaded from third party locations. This vulnerability affects Firefox \u003c 50.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2016-9077", "url": "https://www.suse.com/security/cve/CVE-2016-9077" }, { "category": "external", "summary": "SUSE Bug 1009026 for CVE-2016-9077", "url": "https://bugzilla.suse.com/1009026" }, { "category": "external", "summary": "SUSE Bug 1010409 for CVE-2016-9077", "url": "https://bugzilla.suse.com/1010409" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "moderate" } ], "title": "CVE-2016-9077" }, { "cve": "CVE-2017-7789", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2017-7789" } ], "notes": [ { "category": "general", "text": "If a server sends two Strict-Transport-Security (STS) headers for a single connection, they will be rejected as invalid and HTTP Strict Transport Security (HSTS) will not be enabled for the connection. This vulnerability affects Firefox \u003c 55.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2017-7789", "url": "https://www.suse.com/security/cve/CVE-2017-7789" }, { "category": "external", "summary": "SUSE Bug 1047281 for CVE-2017-7789", "url": "https://bugzilla.suse.com/1047281" }, { "category": "external", "summary": "SUSE Bug 1052829 for CVE-2017-7789", "url": "https://bugzilla.suse.com/1052829" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "moderate" } ], "title": "CVE-2017-7789" }, { "cve": "CVE-2018-5150", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5150" } ], "notes": [ { "category": "general", "text": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5150", "url": "https://www.suse.com/security/cve/CVE-2018-5150" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5150", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5150" }, { "cve": "CVE-2018-5151", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5151" } ], "notes": [ { "category": "general", "text": "Memory safety bugs were reported in Firefox 59. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5151", "url": "https://www.suse.com/security/cve/CVE-2018-5151" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5151", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5151", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5151", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5151", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5151", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5151", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5151", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5151" }, { "cve": "CVE-2018-5152", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5152" } ], "notes": [ { "category": "general", "text": "WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such as accounts.firefox.com and listen to network traffic to the site through the \"webRequest\" API. For example, this allows for the interception of username and an encrypted password during login to Firefox Accounts. This issue does not expose synchronization traffic directly and is limited to the process of user login to the website and the data displayed to the user once logged in. This vulnerability affects Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5152", "url": "https://www.suse.com/security/cve/CVE-2018-5152" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5152", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5152", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5152", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5152", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5152", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5152", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5152", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5152" }, { "cve": "CVE-2018-5153", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5153" } ], "notes": [ { "category": "general", "text": "If websocket data is sent with mixed text and binary in a single message, the binary data can be corrupted. This can result in an out-of-bounds read with the read memory sent to the originating server in response. This vulnerability affects Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5153", "url": "https://www.suse.com/security/cve/CVE-2018-5153" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5153", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5153", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5153", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5153", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5153", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5153", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5153", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5153" }, { "cve": "CVE-2018-5154", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5154" } ], "notes": [ { "category": "general", "text": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5154", "url": "https://www.suse.com/security/cve/CVE-2018-5154" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5154", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5154" }, { "cve": "CVE-2018-5155", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5155" } ], "notes": [ { "category": "general", "text": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5155", "url": "https://www.suse.com/security/cve/CVE-2018-5155" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5155", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5155" }, { "cve": "CVE-2018-5157", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5157" } ], "notes": [ { "category": "general", "text": "Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5157", "url": "https://www.suse.com/security/cve/CVE-2018-5157" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5157", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5157" }, { "cve": "CVE-2018-5158", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5158" } ], "notes": [ { "category": "general", "text": "The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5158", "url": "https://www.suse.com/security/cve/CVE-2018-5158" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5158", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5158" }, { "cve": "CVE-2018-5159", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5159" } ], "notes": [ { "category": "general", "text": "An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5159", "url": "https://www.suse.com/security/cve/CVE-2018-5159" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5159", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5159" }, { "cve": "CVE-2018-5160", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5160" } ], "notes": [ { "category": "general", "text": "WebRTC can use a \"WrappedI420Buffer\" pixel buffer but the owning image object can be freed while it is still in use. This can result in the WebRTC encoder using uninitialized memory, leading to a potentially exploitable crash. This vulnerability affects Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5160", "url": "https://www.suse.com/security/cve/CVE-2018-5160" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5160", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5160", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5160", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5160", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5160", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5160", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5160", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5160" }, { "cve": "CVE-2018-5163", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5163" } ], "notes": [ { "category": "general", "text": "If a malicious attacker has used another vulnerability to gain full control over a content process, they may be able to replace the alternate data resources stored in the JavaScript Start-up Bytecode Cache (JSBC) for other JavaScript code. If the parent process then runs this replaced code, the executed script would be run with the parent process\u0027 privileges, escaping the sandbox on content processes. This vulnerability affects Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5163", "url": "https://www.suse.com/security/cve/CVE-2018-5163" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5163", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5163", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5163", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5163", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5163", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5163", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5163", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5163" }, { "cve": "CVE-2018-5164", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5164" } ], "notes": [ { "category": "general", "text": "Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the \"multipart/x-mixed-replace\" MIME type. This could allow for script to run where CSP should block it, allowing for cross-site scripting (XSS) and other attacks. This vulnerability affects Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5164", "url": "https://www.suse.com/security/cve/CVE-2018-5164" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5164", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5164", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5164", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5164", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5164", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5164", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5164", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5164" }, { "cve": "CVE-2018-5165", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5165" } ], "notes": [ { "category": "general", "text": "In 32-bit versions of Firefox, the Adobe Flash plugin setting for \"Enable Adobe Flash protected mode\" is unchecked by default even though the Adobe Flash sandbox is actually enabled. The displayed state is the reverse of the true setting, resulting in user confusion. This could cause users to select this setting intending to activate it and inadvertently turn protections off. This vulnerability affects Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5165", "url": "https://www.suse.com/security/cve/CVE-2018-5165" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5165", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5165", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5165", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5165", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5165", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5165", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5165", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5165" }, { "cve": "CVE-2018-5166", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5166" } ], "notes": [ { "category": "general", "text": "WebExtensions can use request redirection and a \"filterReponseData\" filter to bypass host permission settings to redirect network traffic and access content from a host for which they do not have explicit user permission. This vulnerability affects Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5166", "url": "https://www.suse.com/security/cve/CVE-2018-5166" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5166", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5166", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5166", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5166", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5166", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5166", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5166", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5166" }, { "cve": "CVE-2018-5167", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5167" } ], "notes": [ { "category": "general", "text": "The web console and JavaScript debugger do not sanitize all output that can be hyperlinked. Both will display \"chrome:\" links as active, clickable hyperlinks in their output. Web sites should not be able to directly link to internal chrome pages. Additionally, the JavaScript debugger will display \"javascript:\" links, which users could be tricked into clicking by malicious sites. This vulnerability affects Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5167", "url": "https://www.suse.com/security/cve/CVE-2018-5167" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5167", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5167", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5167", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5167", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5167", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5167", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5167", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5167" }, { "cve": "CVE-2018-5168", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5168" } ], "notes": [ { "category": "general", "text": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5168", "url": "https://www.suse.com/security/cve/CVE-2018-5168" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5168", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5168" }, { "cve": "CVE-2018-5169", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5169" } ], "notes": [ { "category": "general", "text": "If manipulated hyperlinked text with \"chrome:\" URL contained in it is dragged and dropped on the \"home\" icon, the home page can be reset to include a normally-unlinkable chrome page as one of the home page tabs. This vulnerability affects Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5169", "url": "https://www.suse.com/security/cve/CVE-2018-5169" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5169", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5169", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5169", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5169", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5169", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5169", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5169", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5169" }, { "cve": "CVE-2018-5172", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5172" } ], "notes": [ { "category": "general", "text": "The Live Bookmarks page and the PDF viewer can run injected script content if a user pastes script from the clipboard into them while viewing RSS feeds or PDF files. This could allow a malicious site to socially engineer a user to copy and paste malicious script content that could then run with the context of either page but does not allow for privilege escalation. This vulnerability affects Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5172", "url": "https://www.suse.com/security/cve/CVE-2018-5172" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5172", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5172", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5172", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5172", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5172", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5172", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5172", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5172" }, { "cve": "CVE-2018-5173", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5173" } ], "notes": [ { "category": "general", "text": "The filename appearing in the \"Downloads\" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel. Note: the dialog to open the file will show the full, correct filename and whether it is executable or not. This vulnerability affects Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5173", "url": "https://www.suse.com/security/cve/CVE-2018-5173" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5173", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5173", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5173", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5173", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5173", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5173", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5173", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5173" }, { "cve": "CVE-2018-5174", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5174" } ], "notes": [ { "category": "general", "text": "In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the \"SEE_MASK_FLAG_NO_UI\" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user for a decision, and if the user is offline all files will be allowed to be opened because Windows won\u0027t prompt the user to ask what to do. Firefox incorrectly sets this flag when downloading files, leading to less secure behavior from SmartScreen. Note: this issue only affects Windows 10 users running the April 2018 update or later. It does not affect other Windows users or other operating systems. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5174", "url": "https://www.suse.com/security/cve/CVE-2018-5174" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5174", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5174" }, { "cve": "CVE-2018-5175", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5175" } ], "notes": [ { "category": "general", "text": "A mechanism to bypass Content Security Policy (CSP) protections on sites that have a \"script-src\" policy of \"\u0027strict-dynamic\u0027\". If a target website contains an HTML injection flaw an attacker could inject a reference to a copy of the \"require.js\" library that is part of Firefox\u0027s Developer Tools, and then use a known technique using that library to bypass the CSP restrictions on executing injected scripts. This vulnerability affects Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5175", "url": "https://www.suse.com/security/cve/CVE-2018-5175" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5175", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5175", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5175", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5175", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5175", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5175", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5175", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5175" }, { "cve": "CVE-2018-5176", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5176" } ], "notes": [ { "category": "general", "text": "The JSON Viewer displays clickable hyperlinks for strings that are parseable as URLs, including \"javascript:\" links. If a JSON file contains malicious JavaScript script embedded as \"javascript:\" links, users may be tricked into clicking and running this code in the context of the JSON Viewer. This can allow for the theft of cookies and authorization tokens which are accessible to that context. This vulnerability affects Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5176", "url": "https://www.suse.com/security/cve/CVE-2018-5176" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5176", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5176", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5176", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5176", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5176", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5176", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5176", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5176" }, { "cve": "CVE-2018-5177", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5177" } ], "notes": [ { "category": "general", "text": "A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs. This vulnerability affects Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5177", "url": "https://www.suse.com/security/cve/CVE-2018-5177" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5177", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5177", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5177", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5177", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5177", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5177", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5177", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5177" }, { "cve": "CVE-2018-5178", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5178" } ], "notes": [ { "category": "general", "text": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5178", "url": "https://www.suse.com/security/cve/CVE-2018-5178" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5178", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5178" }, { "cve": "CVE-2018-5179", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5179" } ], "notes": [ { "category": "general", "text": "A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5179", "url": "https://www.suse.com/security/cve/CVE-2018-5179" }, { "category": "external", "summary": "SUSE Bug 1112111 for CVE-2018-5179", "url": "https://bugzilla.suse.com/1112111" }, { "category": "external", "summary": "SUSE Bug 1119105 for CVE-2018-5179", "url": "https://bugzilla.suse.com/1119105" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5179" }, { "cve": "CVE-2018-5180", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5180" } ], "notes": [ { "category": "general", "text": "A use-after-free vulnerability can occur during WebGL operations. While this results in a potentially exploitable crash, the vulnerability is limited because the memory is freed and reused in a brief window of time during the freeing of the same callstack. This vulnerability affects Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5180", "url": "https://www.suse.com/security/cve/CVE-2018-5180" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5180", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5180", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5180", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5180", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5180", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5180", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5180", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5180" }, { "cve": "CVE-2018-5181", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5181" } ], "notes": [ { "category": "general", "text": "If a URL using the \"file:\" protocol is dragged and dropped onto an open tab that is running in a different child process the tab will open a local file corresponding to the dropped URL, contrary to policy. One way to make the target tab open more reliably in a separate process is to open it with the \"noopener\" keyword. This vulnerability affects Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5181", "url": "https://www.suse.com/security/cve/CVE-2018-5181" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5181", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5181", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5181", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5181", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5181", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5181", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5181", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5181" }, { "cve": "CVE-2018-5182", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5182" } ], "notes": [ { "category": "general", "text": "If a text string that happens to be a filename in the operating system\u0027s native format is dragged and dropped onto the addressbar the specified local file will be opened. This is contrary to policy and is what would happen if the string were the equivalent \"file:\" URL. This vulnerability affects Firefox \u003c 60.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5182", "url": "https://www.suse.com/security/cve/CVE-2018-5182" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5182", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5182", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5182", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5182", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5182", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5182", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5182", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5182" }, { "cve": "CVE-2018-5183", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-5183" } ], "notes": [ { "category": "general", "text": "Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-5183", "url": "https://www.suse.com/security/cve/CVE-2018-5183" }, { "category": "external", "summary": "SUSE Bug 1092548 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1092548" }, { "category": "external", "summary": "SUSE Bug 1092611 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1092611" }, { "category": "external", "summary": "SUSE Bug 1093969 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093969" }, { "category": "external", "summary": "SUSE Bug 1093970 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093970" }, { "category": "external", "summary": "SUSE Bug 1093971 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093971" }, { "category": "external", "summary": "SUSE Bug 1093972 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093972" }, { "category": "external", "summary": "SUSE Bug 1093973 for CVE-2018-5183", "url": "https://bugzilla.suse.com/1093973" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2018-5183" }, { "cve": "CVE-2019-11757", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2019-11757" } ], "notes": [ { "category": "general", "text": "When following the value\u0027s prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2019-11757", "url": "https://www.suse.com/security/cve/CVE-2019-11757" }, { "category": "external", "summary": "SUSE Bug 1154738 for CVE-2019-11757", "url": "https://bugzilla.suse.com/1154738" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2019-11757" }, { "cve": "CVE-2019-11758", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2019-11758" } ], "notes": [ { "category": "general", "text": "Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine and we presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 69, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2019-11758", "url": "https://www.suse.com/security/cve/CVE-2019-11758" }, { "category": "external", "summary": "SUSE Bug 1154738 for CVE-2019-11758", "url": "https://bugzilla.suse.com/1154738" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2019-11758" }, { "cve": "CVE-2019-11759", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2019-11759" } ], "notes": [ { "category": "general", "text": "An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2019-11759", "url": "https://www.suse.com/security/cve/CVE-2019-11759" }, { "category": "external", "summary": "SUSE Bug 1154738 for CVE-2019-11759", "url": "https://bugzilla.suse.com/1154738" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2019-11759" }, { "cve": "CVE-2019-11760", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2019-11760" } ], "notes": [ { "category": "general", "text": "A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2019-11760", "url": "https://www.suse.com/security/cve/CVE-2019-11760" }, { "category": "external", "summary": "SUSE Bug 1154738 for CVE-2019-11760", "url": "https://bugzilla.suse.com/1154738" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2019-11760" }, { "cve": "CVE-2019-11761", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2019-11761" } ], "notes": [ { "category": "general", "text": "By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2019-11761", "url": "https://www.suse.com/security/cve/CVE-2019-11761" }, { "category": "external", "summary": "SUSE Bug 1154738 for CVE-2019-11761", "url": "https://bugzilla.suse.com/1154738" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2019-11761" }, { "cve": "CVE-2019-11762", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2019-11762" } ], "notes": [ { "category": "general", "text": "If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2019-11762", "url": "https://www.suse.com/security/cve/CVE-2019-11762" }, { "category": "external", "summary": "SUSE Bug 1154738 for CVE-2019-11762", "url": "https://bugzilla.suse.com/1154738" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2019-11762" }, { "cve": "CVE-2019-11763", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2019-11763" } ], "notes": [ { "category": "general", "text": "Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML entities being masked from filters - enabling the use of entities to mask the actual characters of interest from filters. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2019-11763", "url": "https://www.suse.com/security/cve/CVE-2019-11763" }, { "category": "external", "summary": "SUSE Bug 1154738 for CVE-2019-11763", "url": "https://bugzilla.suse.com/1154738" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2019-11763" }, { "cve": "CVE-2019-11764", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2019-11764" } ], "notes": [ { "category": "general", "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2019-11764", "url": "https://www.suse.com/security/cve/CVE-2019-11764" }, { "category": "external", "summary": "SUSE Bug 1154738 for CVE-2019-11764", "url": "https://bugzilla.suse.com/1154738" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2019-11764" }, { "cve": "CVE-2019-15903", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2019-15903" } ], "notes": [ { "category": "general", "text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2019-15903", "url": "https://www.suse.com/security/cve/CVE-2019-15903" }, { "category": "external", "summary": "SUSE Bug 1149429 for CVE-2019-15903", "url": "https://bugzilla.suse.com/1149429" }, { "category": "external", "summary": "SUSE Bug 1154738 for CVE-2019-15903", "url": "https://bugzilla.suse.com/1154738" }, { "category": "external", "summary": "SUSE Bug 1154806 for CVE-2019-15903", "url": "https://bugzilla.suse.com/1154806" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "HPE Helion OpenStack 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "HPE Helion OpenStack 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-devel-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.s390x", "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-68.2.0-109.95.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-10-31T07:53:30Z", "details": "important" } ], "title": "CVE-2019-15903" } ] }
opensuse-su-2024:14572-1
Vulnerability from csaf_opensuse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "firefox-esr-128.5.1-1.1 on GA media", "title": "Title of the patch" }, { "category": "description", "text": "These are all security issues fixed in the firefox-esr-128.5.1-1.1 package on the GA media of openSUSE Tumbleweed.", "title": "Description of the patch" }, { "category": "details", "text": "openSUSE-Tumbleweed-2024-14572", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14572-1.json" }, { "category": "self", "summary": "URL for openSUSE-SU-2024:14572-1", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3HI2RC7AJAHY74Q6MK7GNGWU6TITB22V/" }, { "category": "self", "summary": "E-Mail link for openSUSE-SU-2024:14572-1", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3HI2RC7AJAHY74Q6MK7GNGWU6TITB22V/" }, { "category": "self", "summary": "SUSE CVE CVE-2006-6077 page", "url": "https://www.suse.com/security/cve/CVE-2006-6077/" }, { "category": "self", "summary": "SUSE CVE CVE-2007-0008 page", "url": "https://www.suse.com/security/cve/CVE-2007-0008/" }, { "category": "self", "summary": "SUSE CVE CVE-2007-0009 page", "url": "https://www.suse.com/security/cve/CVE-2007-0009/" }, { "category": "self", "summary": "SUSE CVE CVE-2007-0078 page", "url": "https://www.suse.com/security/cve/CVE-2007-0078/" }, { "category": "self", "summary": "SUSE CVE CVE-2007-0079 page", "url": "https://www.suse.com/security/cve/CVE-2007-0079/" }, { "category": "self", "summary": "SUSE CVE CVE-2007-0775 page", "url": "https://www.suse.com/security/cve/CVE-2007-0775/" }, { "category": "self", "summary": "SUSE CVE CVE-2007-0776 page", "url": "https://www.suse.com/security/cve/CVE-2007-0776/" }, { "category": "self", "summary": "SUSE CVE CVE-2007-0777 page", "url": "https://www.suse.com/security/cve/CVE-2007-0777/" }, { "category": "self", "summary": "SUSE CVE CVE-2007-0780 page", "url": "https://www.suse.com/security/cve/CVE-2007-0780/" }, { "category": "self", "summary": "SUSE CVE CVE-2007-0800 page", "url": "https://www.suse.com/security/cve/CVE-2007-0800/" }, { "category": "self", "summary": "SUSE CVE CVE-2007-0981 page", "url": "https://www.suse.com/security/cve/CVE-2007-0981/" }, { "category": "self", "summary": "SUSE CVE CVE-2007-0995 page", "url": "https://www.suse.com/security/cve/CVE-2007-0995/" }, { "category": "self", "summary": "SUSE CVE CVE-2007-0996 page", "url": "https://www.suse.com/security/cve/CVE-2007-0996/" }, { "category": "self", "summary": "SUSE CVE CVE-2007-3089 page", "url": "https://www.suse.com/security/cve/CVE-2007-3089/" }, { "category": "self", "summary": "SUSE CVE CVE-2007-3285 page", "url": "https://www.suse.com/security/cve/CVE-2007-3285/" }, { "category": "self", "summary": "SUSE CVE CVE-2007-3656 page", "url": "https://www.suse.com/security/cve/CVE-2007-3656/" }, { "category": "self", "summary": "SUSE CVE CVE-2007-3670 page", "url": "https://www.suse.com/security/cve/CVE-2007-3670/" }, { "category": "self", "summary": "SUSE CVE CVE-2007-3734 page", "url": "https://www.suse.com/security/cve/CVE-2007-3734/" }, { "category": "self", "summary": "SUSE CVE CVE-2007-3735 page", "url": "https://www.suse.com/security/cve/CVE-2007-3735/" }, { "category": "self", "summary": "SUSE CVE CVE-2007-3736 page", "url": "https://www.suse.com/security/cve/CVE-2007-3736/" }, { "category": "self", "summary": "SUSE CVE CVE-2007-3737 page", "url": "https://www.suse.com/security/cve/CVE-2007-3737/" }, { "category": "self", "summary": "SUSE CVE CVE-2007-3738 page", "url": "https://www.suse.com/security/cve/CVE-2007-3738/" }, { "category": "self", "summary": "SUSE CVE CVE-2008-0412 page", "url": "https://www.suse.com/security/cve/CVE-2008-0412/" }, { "category": "self", "summary": "SUSE CVE CVE-2008-0414 page", "url": "https://www.suse.com/security/cve/CVE-2008-0414/" }, { "category": "self", "summary": "SUSE CVE CVE-2008-0415 page", "url": "https://www.suse.com/security/cve/CVE-2008-0415/" }, { "category": "self", "summary": "SUSE CVE CVE-2008-0417 page", "url": "https://www.suse.com/security/cve/CVE-2008-0417/" }, { "category": "self", "summary": "SUSE CVE CVE-2008-0418 page", "url": "https://www.suse.com/security/cve/CVE-2008-0418/" }, { "category": "self", "summary": "SUSE CVE CVE-2008-0419 page", "url": "https://www.suse.com/security/cve/CVE-2008-0419/" }, { "category": "self", "summary": "SUSE CVE CVE-2008-0591 page", "url": "https://www.suse.com/security/cve/CVE-2008-0591/" }, { "category": "self", "summary": "SUSE CVE CVE-2008-0592 page", "url": "https://www.suse.com/security/cve/CVE-2008-0592/" }, { "category": "self", "summary": "SUSE CVE CVE-2008-0593 page", "url": "https://www.suse.com/security/cve/CVE-2008-0593/" }, { "category": "self", "summary": "SUSE CVE CVE-2008-0594 page", "url": "https://www.suse.com/security/cve/CVE-2008-0594/" }, { "category": "self", "summary": "SUSE CVE CVE-2008-4063 page", "url": "https://www.suse.com/security/cve/CVE-2008-4063/" }, { "category": "self", "summary": "SUSE CVE CVE-2008-5913 page", "url": "https://www.suse.com/security/cve/CVE-2008-5913/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-0040 page", "url": "https://www.suse.com/security/cve/CVE-2009-0040/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-0352 page", "url": "https://www.suse.com/security/cve/CVE-2009-0352/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-0354 page", "url": "https://www.suse.com/security/cve/CVE-2009-0354/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-0355 page", "url": "https://www.suse.com/security/cve/CVE-2009-0355/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-0356 page", "url": "https://www.suse.com/security/cve/CVE-2009-0356/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-0357 page", "url": "https://www.suse.com/security/cve/CVE-2009-0357/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-0358 page", "url": "https://www.suse.com/security/cve/CVE-2009-0358/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-0652 page", "url": "https://www.suse.com/security/cve/CVE-2009-0652/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-0771 page", "url": "https://www.suse.com/security/cve/CVE-2009-0771/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-0772 page", "url": "https://www.suse.com/security/cve/CVE-2009-0772/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-0773 page", "url": "https://www.suse.com/security/cve/CVE-2009-0773/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-0774 page", "url": "https://www.suse.com/security/cve/CVE-2009-0774/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-0775 page", "url": "https://www.suse.com/security/cve/CVE-2009-0775/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-0776 page", "url": "https://www.suse.com/security/cve/CVE-2009-0776/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-0777 page", "url": "https://www.suse.com/security/cve/CVE-2009-0777/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-1044 page", "url": "https://www.suse.com/security/cve/CVE-2009-1044/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-1169 page", "url": "https://www.suse.com/security/cve/CVE-2009-1169/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-1302 page", "url": "https://www.suse.com/security/cve/CVE-2009-1302/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-1306 page", "url": "https://www.suse.com/security/cve/CVE-2009-1306/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-1307 page", "url": "https://www.suse.com/security/cve/CVE-2009-1307/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-1308 page", "url": "https://www.suse.com/security/cve/CVE-2009-1308/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-1309 page", "url": "https://www.suse.com/security/cve/CVE-2009-1309/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-1310 page", "url": "https://www.suse.com/security/cve/CVE-2009-1310/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-1311 page", "url": "https://www.suse.com/security/cve/CVE-2009-1311/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-1312 page", "url": "https://www.suse.com/security/cve/CVE-2009-1312/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-1313 page", "url": "https://www.suse.com/security/cve/CVE-2009-1313/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-1563 page", "url": "https://www.suse.com/security/cve/CVE-2009-1563/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-2470 page", "url": "https://www.suse.com/security/cve/CVE-2009-2470/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-2654 page", "url": "https://www.suse.com/security/cve/CVE-2009-2654/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-3069 page", "url": "https://www.suse.com/security/cve/CVE-2009-3069/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-3072 page", "url": "https://www.suse.com/security/cve/CVE-2009-3072/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-3077 page", "url": "https://www.suse.com/security/cve/CVE-2009-3077/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-3078 page", "url": "https://www.suse.com/security/cve/CVE-2009-3078/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-3079 page", "url": "https://www.suse.com/security/cve/CVE-2009-3079/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-3274 page", "url": "https://www.suse.com/security/cve/CVE-2009-3274/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-3370 page", "url": "https://www.suse.com/security/cve/CVE-2009-3370/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-3371 page", "url": "https://www.suse.com/security/cve/CVE-2009-3371/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-3372 page", "url": "https://www.suse.com/security/cve/CVE-2009-3372/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-3373 page", "url": "https://www.suse.com/security/cve/CVE-2009-3373/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-3374 page", "url": "https://www.suse.com/security/cve/CVE-2009-3374/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-3375 page", "url": "https://www.suse.com/security/cve/CVE-2009-3375/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-3376 page", "url": "https://www.suse.com/security/cve/CVE-2009-3376/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-3377 page", "url": "https://www.suse.com/security/cve/CVE-2009-3377/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-3380 page", "url": "https://www.suse.com/security/cve/CVE-2009-3380/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-3388 page", "url": "https://www.suse.com/security/cve/CVE-2009-3388/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-3389 page", "url": "https://www.suse.com/security/cve/CVE-2009-3389/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-3555 page", "url": "https://www.suse.com/security/cve/CVE-2009-3555/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-3979 page", "url": "https://www.suse.com/security/cve/CVE-2009-3979/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-3983 page", "url": "https://www.suse.com/security/cve/CVE-2009-3983/" }, { "category": "self", "summary": "SUSE CVE CVE-2009-3984 page", "url": "https://www.suse.com/security/cve/CVE-2009-3984/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-0164 page", "url": "https://www.suse.com/security/cve/CVE-2010-0164/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-0165 page", "url": "https://www.suse.com/security/cve/CVE-2010-0165/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-0168 page", "url": "https://www.suse.com/security/cve/CVE-2010-0168/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-0169 page", "url": "https://www.suse.com/security/cve/CVE-2010-0169/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-0170 page", "url": "https://www.suse.com/security/cve/CVE-2010-0170/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-0171 page", "url": "https://www.suse.com/security/cve/CVE-2010-0171/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-0172 page", "url": "https://www.suse.com/security/cve/CVE-2010-0172/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-0173 page", "url": "https://www.suse.com/security/cve/CVE-2010-0173/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-0176 page", "url": "https://www.suse.com/security/cve/CVE-2010-0176/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-0177 page", "url": "https://www.suse.com/security/cve/CVE-2010-0177/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-0178 page", "url": "https://www.suse.com/security/cve/CVE-2010-0178/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-0181 page", "url": "https://www.suse.com/security/cve/CVE-2010-0181/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-0182 page", "url": "https://www.suse.com/security/cve/CVE-2010-0182/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-0654 page", "url": "https://www.suse.com/security/cve/CVE-2010-0654/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-1028 page", "url": "https://www.suse.com/security/cve/CVE-2010-1028/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-1121 page", "url": "https://www.suse.com/security/cve/CVE-2010-1121/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-1125 page", "url": "https://www.suse.com/security/cve/CVE-2010-1125/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-1196 page", "url": "https://www.suse.com/security/cve/CVE-2010-1196/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-1197 page", "url": "https://www.suse.com/security/cve/CVE-2010-1197/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-1198 page", "url": "https://www.suse.com/security/cve/CVE-2010-1198/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-1199 page", "url": "https://www.suse.com/security/cve/CVE-2010-1199/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-1200 page", "url": "https://www.suse.com/security/cve/CVE-2010-1200/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-1203 page", "url": "https://www.suse.com/security/cve/CVE-2010-1203/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-1205 page", "url": "https://www.suse.com/security/cve/CVE-2010-1205/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-1206 page", "url": "https://www.suse.com/security/cve/CVE-2010-1206/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-1207 page", "url": "https://www.suse.com/security/cve/CVE-2010-1207/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-1208 page", "url": "https://www.suse.com/security/cve/CVE-2010-1208/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-1209 page", "url": "https://www.suse.com/security/cve/CVE-2010-1209/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-1210 page", "url": "https://www.suse.com/security/cve/CVE-2010-1210/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-1211 page", "url": "https://www.suse.com/security/cve/CVE-2010-1211/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-1213 page", "url": "https://www.suse.com/security/cve/CVE-2010-1213/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-1214 page", "url": "https://www.suse.com/security/cve/CVE-2010-1214/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-1215 page", "url": "https://www.suse.com/security/cve/CVE-2010-1215/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-2752 page", "url": "https://www.suse.com/security/cve/CVE-2010-2752/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-2753 page", "url": "https://www.suse.com/security/cve/CVE-2010-2753/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-2754 page", "url": "https://www.suse.com/security/cve/CVE-2010-2754/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-2755 page", "url": "https://www.suse.com/security/cve/CVE-2010-2755/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-2760 page", "url": "https://www.suse.com/security/cve/CVE-2010-2760/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-2762 page", "url": "https://www.suse.com/security/cve/CVE-2010-2762/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-2764 page", "url": "https://www.suse.com/security/cve/CVE-2010-2764/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-2765 page", "url": "https://www.suse.com/security/cve/CVE-2010-2765/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-2766 page", "url": "https://www.suse.com/security/cve/CVE-2010-2766/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-2767 page", "url": "https://www.suse.com/security/cve/CVE-2010-2767/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-2768 page", "url": "https://www.suse.com/security/cve/CVE-2010-2768/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-2769 page", "url": "https://www.suse.com/security/cve/CVE-2010-2769/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-3166 page", "url": "https://www.suse.com/security/cve/CVE-2010-3166/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-3167 page", "url": "https://www.suse.com/security/cve/CVE-2010-3167/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-3168 page", "url": "https://www.suse.com/security/cve/CVE-2010-3168/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-3169 page", "url": "https://www.suse.com/security/cve/CVE-2010-3169/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-3170 page", "url": "https://www.suse.com/security/cve/CVE-2010-3170/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-3173 page", "url": "https://www.suse.com/security/cve/CVE-2010-3173/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-3174 page", "url": "https://www.suse.com/security/cve/CVE-2010-3174/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-3177 page", "url": "https://www.suse.com/security/cve/CVE-2010-3177/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-3178 page", "url": "https://www.suse.com/security/cve/CVE-2010-3178/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-3179 page", "url": "https://www.suse.com/security/cve/CVE-2010-3179/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-3180 page", "url": "https://www.suse.com/security/cve/CVE-2010-3180/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-3182 page", "url": "https://www.suse.com/security/cve/CVE-2010-3182/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-3183 page", "url": "https://www.suse.com/security/cve/CVE-2010-3183/" }, { "category": "self", "summary": "SUSE CVE CVE-2010-3765 page", "url": "https://www.suse.com/security/cve/CVE-2010-3765/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-0068 page", "url": "https://www.suse.com/security/cve/CVE-2011-0068/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-0069 page", "url": "https://www.suse.com/security/cve/CVE-2011-0069/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-0080 page", "url": "https://www.suse.com/security/cve/CVE-2011-0080/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-0084 page", "url": "https://www.suse.com/security/cve/CVE-2011-0084/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-1187 page", "url": "https://www.suse.com/security/cve/CVE-2011-1187/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-1202 page", "url": "https://www.suse.com/security/cve/CVE-2011-1202/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-2366 page", "url": "https://www.suse.com/security/cve/CVE-2011-2366/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-2367 page", "url": "https://www.suse.com/security/cve/CVE-2011-2367/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-2369 page", "url": "https://www.suse.com/security/cve/CVE-2011-2369/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-2370 page", "url": "https://www.suse.com/security/cve/CVE-2011-2370/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-2371 page", "url": "https://www.suse.com/security/cve/CVE-2011-2371/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-2372 page", "url": "https://www.suse.com/security/cve/CVE-2011-2372/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-2373 page", "url": "https://www.suse.com/security/cve/CVE-2011-2373/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-2374 page", "url": "https://www.suse.com/security/cve/CVE-2011-2374/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-2377 page", "url": "https://www.suse.com/security/cve/CVE-2011-2377/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-2986 page", "url": "https://www.suse.com/security/cve/CVE-2011-2986/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-2988 page", "url": "https://www.suse.com/security/cve/CVE-2011-2988/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-2989 page", "url": "https://www.suse.com/security/cve/CVE-2011-2989/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-2990 page", "url": "https://www.suse.com/security/cve/CVE-2011-2990/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-2993 page", "url": "https://www.suse.com/security/cve/CVE-2011-2993/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-2995 page", "url": "https://www.suse.com/security/cve/CVE-2011-2995/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-3000 page", "url": "https://www.suse.com/security/cve/CVE-2011-3000/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-3002 page", "url": "https://www.suse.com/security/cve/CVE-2011-3002/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-3004 page", "url": "https://www.suse.com/security/cve/CVE-2011-3004/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-3005 page", "url": "https://www.suse.com/security/cve/CVE-2011-3005/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-3026 page", "url": "https://www.suse.com/security/cve/CVE-2011-3026/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-3062 page", "url": "https://www.suse.com/security/cve/CVE-2011-3062/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-3079 page", "url": "https://www.suse.com/security/cve/CVE-2011-3079/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-3232 page", "url": "https://www.suse.com/security/cve/CVE-2011-3232/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-3648 page", "url": "https://www.suse.com/security/cve/CVE-2011-3648/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-3650 page", "url": "https://www.suse.com/security/cve/CVE-2011-3650/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-3651 page", "url": "https://www.suse.com/security/cve/CVE-2011-3651/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-3655 page", "url": "https://www.suse.com/security/cve/CVE-2011-3655/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-3658 page", "url": "https://www.suse.com/security/cve/CVE-2011-3658/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-3659 page", "url": "https://www.suse.com/security/cve/CVE-2011-3659/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-3660 page", "url": "https://www.suse.com/security/cve/CVE-2011-3660/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-3661 page", "url": "https://www.suse.com/security/cve/CVE-2011-3661/" }, { "category": "self", "summary": "SUSE CVE CVE-2011-3663 page", "url": "https://www.suse.com/security/cve/CVE-2011-3663/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0441 page", "url": "https://www.suse.com/security/cve/CVE-2012-0441/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0442 page", "url": "https://www.suse.com/security/cve/CVE-2012-0442/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0444 page", "url": "https://www.suse.com/security/cve/CVE-2012-0444/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0445 page", "url": "https://www.suse.com/security/cve/CVE-2012-0445/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0446 page", "url": "https://www.suse.com/security/cve/CVE-2012-0446/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0447 page", "url": "https://www.suse.com/security/cve/CVE-2012-0447/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0449 page", "url": "https://www.suse.com/security/cve/CVE-2012-0449/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0451 page", "url": "https://www.suse.com/security/cve/CVE-2012-0451/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0452 page", "url": "https://www.suse.com/security/cve/CVE-2012-0452/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0455 page", "url": "https://www.suse.com/security/cve/CVE-2012-0455/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0456 page", "url": "https://www.suse.com/security/cve/CVE-2012-0456/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0458 page", "url": "https://www.suse.com/security/cve/CVE-2012-0458/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0459 page", "url": "https://www.suse.com/security/cve/CVE-2012-0459/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0460 page", "url": "https://www.suse.com/security/cve/CVE-2012-0460/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0461 page", "url": "https://www.suse.com/security/cve/CVE-2012-0461/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0463 page", "url": "https://www.suse.com/security/cve/CVE-2012-0463/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0467 page", "url": "https://www.suse.com/security/cve/CVE-2012-0467/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0469 page", "url": "https://www.suse.com/security/cve/CVE-2012-0469/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0470 page", "url": "https://www.suse.com/security/cve/CVE-2012-0470/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0471 page", "url": "https://www.suse.com/security/cve/CVE-2012-0471/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0472 page", "url": "https://www.suse.com/security/cve/CVE-2012-0472/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0473 page", "url": "https://www.suse.com/security/cve/CVE-2012-0473/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0474 page", "url": "https://www.suse.com/security/cve/CVE-2012-0474/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0475 page", "url": "https://www.suse.com/security/cve/CVE-2012-0475/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0477 page", "url": "https://www.suse.com/security/cve/CVE-2012-0477/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0478 page", "url": "https://www.suse.com/security/cve/CVE-2012-0478/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0479 page", "url": "https://www.suse.com/security/cve/CVE-2012-0479/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-0759 page", "url": "https://www.suse.com/security/cve/CVE-2012-0759/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1938 page", "url": "https://www.suse.com/security/cve/CVE-2012-1938/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1944 page", "url": "https://www.suse.com/security/cve/CVE-2012-1944/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1945 page", "url": "https://www.suse.com/security/cve/CVE-2012-1945/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1946 page", "url": "https://www.suse.com/security/cve/CVE-2012-1946/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1947 page", "url": "https://www.suse.com/security/cve/CVE-2012-1947/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1949 page", "url": "https://www.suse.com/security/cve/CVE-2012-1949/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1950 page", "url": "https://www.suse.com/security/cve/CVE-2012-1950/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1951 page", "url": "https://www.suse.com/security/cve/CVE-2012-1951/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1955 page", "url": "https://www.suse.com/security/cve/CVE-2012-1955/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1956 page", "url": "https://www.suse.com/security/cve/CVE-2012-1956/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1957 page", "url": "https://www.suse.com/security/cve/CVE-2012-1957/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1958 page", "url": "https://www.suse.com/security/cve/CVE-2012-1958/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1959 page", "url": "https://www.suse.com/security/cve/CVE-2012-1959/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1960 page", "url": "https://www.suse.com/security/cve/CVE-2012-1960/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1961 page", "url": "https://www.suse.com/security/cve/CVE-2012-1961/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1962 page", "url": "https://www.suse.com/security/cve/CVE-2012-1962/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1963 page", "url": "https://www.suse.com/security/cve/CVE-2012-1963/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1965 page", "url": "https://www.suse.com/security/cve/CVE-2012-1965/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1966 page", "url": "https://www.suse.com/security/cve/CVE-2012-1966/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1967 page", "url": "https://www.suse.com/security/cve/CVE-2012-1967/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1970 page", "url": "https://www.suse.com/security/cve/CVE-2012-1970/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1972 page", "url": "https://www.suse.com/security/cve/CVE-2012-1972/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-1976 page", "url": "https://www.suse.com/security/cve/CVE-2012-1976/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3960 page", "url": "https://www.suse.com/security/cve/CVE-2012-3960/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3965 page", "url": "https://www.suse.com/security/cve/CVE-2012-3965/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3966 page", "url": "https://www.suse.com/security/cve/CVE-2012-3966/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3967 page", "url": "https://www.suse.com/security/cve/CVE-2012-3967/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3969 page", "url": "https://www.suse.com/security/cve/CVE-2012-3969/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3971 page", "url": "https://www.suse.com/security/cve/CVE-2012-3971/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3972 page", "url": "https://www.suse.com/security/cve/CVE-2012-3972/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3973 page", "url": "https://www.suse.com/security/cve/CVE-2012-3973/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3975 page", "url": "https://www.suse.com/security/cve/CVE-2012-3975/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3976 page", "url": "https://www.suse.com/security/cve/CVE-2012-3976/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3978 page", "url": "https://www.suse.com/security/cve/CVE-2012-3978/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3980 page", "url": "https://www.suse.com/security/cve/CVE-2012-3980/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3982 page", "url": "https://www.suse.com/security/cve/CVE-2012-3982/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3984 page", "url": "https://www.suse.com/security/cve/CVE-2012-3984/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3985 page", "url": "https://www.suse.com/security/cve/CVE-2012-3985/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3986 page", "url": "https://www.suse.com/security/cve/CVE-2012-3986/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3988 page", "url": "https://www.suse.com/security/cve/CVE-2012-3988/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3989 page", "url": "https://www.suse.com/security/cve/CVE-2012-3989/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3990 page", "url": "https://www.suse.com/security/cve/CVE-2012-3990/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3991 page", "url": "https://www.suse.com/security/cve/CVE-2012-3991/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3992 page", "url": "https://www.suse.com/security/cve/CVE-2012-3992/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3993 page", "url": "https://www.suse.com/security/cve/CVE-2012-3993/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3994 page", "url": "https://www.suse.com/security/cve/CVE-2012-3994/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-3995 page", "url": "https://www.suse.com/security/cve/CVE-2012-3995/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-4181 page", "url": "https://www.suse.com/security/cve/CVE-2012-4181/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-4185 page", "url": "https://www.suse.com/security/cve/CVE-2012-4185/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-4188 page", "url": "https://www.suse.com/security/cve/CVE-2012-4188/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-4191 page", "url": "https://www.suse.com/security/cve/CVE-2012-4191/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-4192 page", "url": "https://www.suse.com/security/cve/CVE-2012-4192/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-4194 page", "url": "https://www.suse.com/security/cve/CVE-2012-4194/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-4201 page", "url": "https://www.suse.com/security/cve/CVE-2012-4201/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-4202 page", "url": "https://www.suse.com/security/cve/CVE-2012-4202/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-4203 page", "url": "https://www.suse.com/security/cve/CVE-2012-4203/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-4204 page", "url": "https://www.suse.com/security/cve/CVE-2012-4204/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-4205 page", "url": "https://www.suse.com/security/cve/CVE-2012-4205/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-4207 page", "url": "https://www.suse.com/security/cve/CVE-2012-4207/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-4208 page", "url": "https://www.suse.com/security/cve/CVE-2012-4208/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-4209 page", "url": "https://www.suse.com/security/cve/CVE-2012-4209/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-4210 page", "url": "https://www.suse.com/security/cve/CVE-2012-4210/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-4213 page", "url": "https://www.suse.com/security/cve/CVE-2012-4213/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-4214 page", "url": "https://www.suse.com/security/cve/CVE-2012-4214/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-5829 page", "url": "https://www.suse.com/security/cve/CVE-2012-5829/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-5830 page", "url": "https://www.suse.com/security/cve/CVE-2012-5830/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-5836 page", "url": "https://www.suse.com/security/cve/CVE-2012-5836/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-5837 page", "url": "https://www.suse.com/security/cve/CVE-2012-5837/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-5841 page", "url": "https://www.suse.com/security/cve/CVE-2012-5841/" }, { "category": "self", "summary": "SUSE CVE CVE-2012-5842 page", "url": "https://www.suse.com/security/cve/CVE-2012-5842/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0743 page", "url": "https://www.suse.com/security/cve/CVE-2013-0743/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0744 page", "url": "https://www.suse.com/security/cve/CVE-2013-0744/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0745 page", "url": "https://www.suse.com/security/cve/CVE-2013-0745/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0746 page", "url": "https://www.suse.com/security/cve/CVE-2013-0746/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0747 page", "url": "https://www.suse.com/security/cve/CVE-2013-0747/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0748 page", "url": "https://www.suse.com/security/cve/CVE-2013-0748/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0749 page", "url": "https://www.suse.com/security/cve/CVE-2013-0749/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0750 page", "url": "https://www.suse.com/security/cve/CVE-2013-0750/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0751 page", "url": "https://www.suse.com/security/cve/CVE-2013-0751/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0752 page", "url": "https://www.suse.com/security/cve/CVE-2013-0752/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0753 page", "url": "https://www.suse.com/security/cve/CVE-2013-0753/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0754 page", "url": "https://www.suse.com/security/cve/CVE-2013-0754/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0755 page", "url": "https://www.suse.com/security/cve/CVE-2013-0755/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0756 page", "url": "https://www.suse.com/security/cve/CVE-2013-0756/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0757 page", "url": "https://www.suse.com/security/cve/CVE-2013-0757/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0758 page", "url": "https://www.suse.com/security/cve/CVE-2013-0758/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0760 page", "url": "https://www.suse.com/security/cve/CVE-2013-0760/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0761 page", "url": "https://www.suse.com/security/cve/CVE-2013-0761/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0764 page", "url": "https://www.suse.com/security/cve/CVE-2013-0764/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0765 page", "url": "https://www.suse.com/security/cve/CVE-2013-0765/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0768 page", "url": "https://www.suse.com/security/cve/CVE-2013-0768/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0772 page", "url": "https://www.suse.com/security/cve/CVE-2013-0772/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0773 page", "url": "https://www.suse.com/security/cve/CVE-2013-0773/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0774 page", "url": "https://www.suse.com/security/cve/CVE-2013-0774/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0775 page", "url": "https://www.suse.com/security/cve/CVE-2013-0775/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0776 page", "url": "https://www.suse.com/security/cve/CVE-2013-0776/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0778 page", "url": "https://www.suse.com/security/cve/CVE-2013-0778/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0780 page", "url": "https://www.suse.com/security/cve/CVE-2013-0780/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0783 page", "url": "https://www.suse.com/security/cve/CVE-2013-0783/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0787 page", "url": "https://www.suse.com/security/cve/CVE-2013-0787/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0788 page", "url": "https://www.suse.com/security/cve/CVE-2013-0788/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0792 page", "url": "https://www.suse.com/security/cve/CVE-2013-0792/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0793 page", "url": "https://www.suse.com/security/cve/CVE-2013-0793/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0794 page", "url": "https://www.suse.com/security/cve/CVE-2013-0794/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0795 page", "url": "https://www.suse.com/security/cve/CVE-2013-0795/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0796 page", "url": "https://www.suse.com/security/cve/CVE-2013-0796/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0800 page", "url": "https://www.suse.com/security/cve/CVE-2013-0800/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-0801 page", "url": "https://www.suse.com/security/cve/CVE-2013-0801/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1670 page", "url": "https://www.suse.com/security/cve/CVE-2013-1670/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1671 page", "url": "https://www.suse.com/security/cve/CVE-2013-1671/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1674 page", "url": "https://www.suse.com/security/cve/CVE-2013-1674/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1675 page", "url": "https://www.suse.com/security/cve/CVE-2013-1675/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1676 page", "url": "https://www.suse.com/security/cve/CVE-2013-1676/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1679 page", "url": "https://www.suse.com/security/cve/CVE-2013-1679/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1682 page", "url": "https://www.suse.com/security/cve/CVE-2013-1682/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1684 page", "url": "https://www.suse.com/security/cve/CVE-2013-1684/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1687 page", "url": "https://www.suse.com/security/cve/CVE-2013-1687/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1688 page", "url": "https://www.suse.com/security/cve/CVE-2013-1688/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1690 page", "url": "https://www.suse.com/security/cve/CVE-2013-1690/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1692 page", "url": "https://www.suse.com/security/cve/CVE-2013-1692/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1693 page", "url": "https://www.suse.com/security/cve/CVE-2013-1693/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1694 page", "url": "https://www.suse.com/security/cve/CVE-2013-1694/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1695 page", "url": "https://www.suse.com/security/cve/CVE-2013-1695/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1696 page", "url": "https://www.suse.com/security/cve/CVE-2013-1696/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1697 page", "url": "https://www.suse.com/security/cve/CVE-2013-1697/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1698 page", "url": "https://www.suse.com/security/cve/CVE-2013-1698/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1699 page", "url": "https://www.suse.com/security/cve/CVE-2013-1699/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1701 page", "url": "https://www.suse.com/security/cve/CVE-2013-1701/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1704 page", "url": "https://www.suse.com/security/cve/CVE-2013-1704/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1705 page", "url": "https://www.suse.com/security/cve/CVE-2013-1705/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1708 page", "url": "https://www.suse.com/security/cve/CVE-2013-1708/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1709 page", "url": "https://www.suse.com/security/cve/CVE-2013-1709/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1710 page", "url": "https://www.suse.com/security/cve/CVE-2013-1710/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1711 page", "url": "https://www.suse.com/security/cve/CVE-2013-1711/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1713 page", "url": "https://www.suse.com/security/cve/CVE-2013-1713/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1714 page", "url": "https://www.suse.com/security/cve/CVE-2013-1714/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1717 page", "url": "https://www.suse.com/security/cve/CVE-2013-1717/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1718 page", "url": "https://www.suse.com/security/cve/CVE-2013-1718/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1720 page", "url": "https://www.suse.com/security/cve/CVE-2013-1720/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1721 page", "url": "https://www.suse.com/security/cve/CVE-2013-1721/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1722 page", "url": "https://www.suse.com/security/cve/CVE-2013-1722/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1723 page", "url": "https://www.suse.com/security/cve/CVE-2013-1723/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1724 page", "url": "https://www.suse.com/security/cve/CVE-2013-1724/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1725 page", "url": "https://www.suse.com/security/cve/CVE-2013-1725/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1728 page", "url": "https://www.suse.com/security/cve/CVE-2013-1728/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1730 page", "url": "https://www.suse.com/security/cve/CVE-2013-1730/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1732 page", "url": "https://www.suse.com/security/cve/CVE-2013-1732/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1735 page", "url": "https://www.suse.com/security/cve/CVE-2013-1735/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1737 page", "url": "https://www.suse.com/security/cve/CVE-2013-1737/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-1738 page", "url": "https://www.suse.com/security/cve/CVE-2013-1738/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-5590 page", "url": "https://www.suse.com/security/cve/CVE-2013-5590/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-5593 page", "url": "https://www.suse.com/security/cve/CVE-2013-5593/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-5595 page", "url": "https://www.suse.com/security/cve/CVE-2013-5595/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-5596 page", "url": "https://www.suse.com/security/cve/CVE-2013-5596/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-5597 page", "url": "https://www.suse.com/security/cve/CVE-2013-5597/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-5598 page", "url": "https://www.suse.com/security/cve/CVE-2013-5598/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-5599 page", "url": "https://www.suse.com/security/cve/CVE-2013-5599/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-5602 page", "url": "https://www.suse.com/security/cve/CVE-2013-5602/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-5603 page", "url": "https://www.suse.com/security/cve/CVE-2013-5603/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-5604 page", "url": "https://www.suse.com/security/cve/CVE-2013-5604/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-5609 page", "url": "https://www.suse.com/security/cve/CVE-2013-5609/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-5611 page", "url": "https://www.suse.com/security/cve/CVE-2013-5611/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-5612 page", "url": "https://www.suse.com/security/cve/CVE-2013-5612/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-5613 page", "url": "https://www.suse.com/security/cve/CVE-2013-5613/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-5614 page", "url": "https://www.suse.com/security/cve/CVE-2013-5614/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-5615 page", "url": "https://www.suse.com/security/cve/CVE-2013-5615/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-5616 page", "url": "https://www.suse.com/security/cve/CVE-2013-5616/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-5618 page", "url": "https://www.suse.com/security/cve/CVE-2013-5618/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-5619 page", "url": "https://www.suse.com/security/cve/CVE-2013-5619/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-6629 page", "url": "https://www.suse.com/security/cve/CVE-2013-6629/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-6671 page", "url": "https://www.suse.com/security/cve/CVE-2013-6671/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-6672 page", "url": "https://www.suse.com/security/cve/CVE-2013-6672/" }, { "category": "self", "summary": "SUSE CVE CVE-2013-6673 page", "url": "https://www.suse.com/security/cve/CVE-2013-6673/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1477 page", "url": "https://www.suse.com/security/cve/CVE-2014-1477/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1479 page", "url": "https://www.suse.com/security/cve/CVE-2014-1479/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1480 page", "url": "https://www.suse.com/security/cve/CVE-2014-1480/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1481 page", "url": "https://www.suse.com/security/cve/CVE-2014-1481/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1482 page", "url": "https://www.suse.com/security/cve/CVE-2014-1482/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1483 page", "url": "https://www.suse.com/security/cve/CVE-2014-1483/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1484 page", "url": "https://www.suse.com/security/cve/CVE-2014-1484/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1485 page", "url": "https://www.suse.com/security/cve/CVE-2014-1485/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1486 page", "url": "https://www.suse.com/security/cve/CVE-2014-1486/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1487 page", "url": "https://www.suse.com/security/cve/CVE-2014-1487/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1488 page", "url": "https://www.suse.com/security/cve/CVE-2014-1488/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1489 page", "url": "https://www.suse.com/security/cve/CVE-2014-1489/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1490 page", "url": "https://www.suse.com/security/cve/CVE-2014-1490/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1492 page", "url": "https://www.suse.com/security/cve/CVE-2014-1492/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1493 page", "url": "https://www.suse.com/security/cve/CVE-2014-1493/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1497 page", "url": "https://www.suse.com/security/cve/CVE-2014-1497/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1498 page", "url": "https://www.suse.com/security/cve/CVE-2014-1498/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1499 page", "url": "https://www.suse.com/security/cve/CVE-2014-1499/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1500 page", "url": "https://www.suse.com/security/cve/CVE-2014-1500/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1502 page", "url": "https://www.suse.com/security/cve/CVE-2014-1502/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1504 page", "url": "https://www.suse.com/security/cve/CVE-2014-1504/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1505 page", "url": "https://www.suse.com/security/cve/CVE-2014-1505/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1508 page", "url": "https://www.suse.com/security/cve/CVE-2014-1508/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1509 page", "url": "https://www.suse.com/security/cve/CVE-2014-1509/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1510 page", "url": "https://www.suse.com/security/cve/CVE-2014-1510/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1512 page", "url": "https://www.suse.com/security/cve/CVE-2014-1512/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1513 page", "url": "https://www.suse.com/security/cve/CVE-2014-1513/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1514 page", "url": "https://www.suse.com/security/cve/CVE-2014-1514/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1518 page", "url": "https://www.suse.com/security/cve/CVE-2014-1518/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1522 page", "url": "https://www.suse.com/security/cve/CVE-2014-1522/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1523 page", "url": "https://www.suse.com/security/cve/CVE-2014-1523/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1524 page", "url": "https://www.suse.com/security/cve/CVE-2014-1524/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1525 page", "url": "https://www.suse.com/security/cve/CVE-2014-1525/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1526 page", "url": "https://www.suse.com/security/cve/CVE-2014-1526/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1528 page", "url": "https://www.suse.com/security/cve/CVE-2014-1528/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1529 page", "url": "https://www.suse.com/security/cve/CVE-2014-1529/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1530 page", "url": "https://www.suse.com/security/cve/CVE-2014-1530/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1531 page", "url": "https://www.suse.com/security/cve/CVE-2014-1531/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1532 page", "url": "https://www.suse.com/security/cve/CVE-2014-1532/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1533 page", "url": "https://www.suse.com/security/cve/CVE-2014-1533/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1536 page", "url": "https://www.suse.com/security/cve/CVE-2014-1536/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1539 page", "url": "https://www.suse.com/security/cve/CVE-2014-1539/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1540 page", "url": "https://www.suse.com/security/cve/CVE-2014-1540/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1541 page", "url": "https://www.suse.com/security/cve/CVE-2014-1541/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1542 page", "url": "https://www.suse.com/security/cve/CVE-2014-1542/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1543 page", "url": "https://www.suse.com/security/cve/CVE-2014-1543/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1544 page", "url": "https://www.suse.com/security/cve/CVE-2014-1544/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1545 page", "url": "https://www.suse.com/security/cve/CVE-2014-1545/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1547 page", "url": "https://www.suse.com/security/cve/CVE-2014-1547/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1549 page", "url": "https://www.suse.com/security/cve/CVE-2014-1549/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1550 page", "url": "https://www.suse.com/security/cve/CVE-2014-1550/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1552 page", "url": "https://www.suse.com/security/cve/CVE-2014-1552/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1553 page", "url": "https://www.suse.com/security/cve/CVE-2014-1553/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1555 page", "url": "https://www.suse.com/security/cve/CVE-2014-1555/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1556 page", "url": "https://www.suse.com/security/cve/CVE-2014-1556/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1557 page", "url": "https://www.suse.com/security/cve/CVE-2014-1557/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1558 page", "url": "https://www.suse.com/security/cve/CVE-2014-1558/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1561 page", "url": "https://www.suse.com/security/cve/CVE-2014-1561/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1563 page", "url": "https://www.suse.com/security/cve/CVE-2014-1563/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1564 page", "url": "https://www.suse.com/security/cve/CVE-2014-1564/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1565 page", "url": "https://www.suse.com/security/cve/CVE-2014-1565/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1567 page", "url": "https://www.suse.com/security/cve/CVE-2014-1567/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1574 page", "url": "https://www.suse.com/security/cve/CVE-2014-1574/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1576 page", "url": "https://www.suse.com/security/cve/CVE-2014-1576/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1577 page", "url": "https://www.suse.com/security/cve/CVE-2014-1577/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1578 page", "url": "https://www.suse.com/security/cve/CVE-2014-1578/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1580 page", "url": "https://www.suse.com/security/cve/CVE-2014-1580/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1581 page", "url": "https://www.suse.com/security/cve/CVE-2014-1581/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1582 page", "url": "https://www.suse.com/security/cve/CVE-2014-1582/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1583 page", "url": "https://www.suse.com/security/cve/CVE-2014-1583/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1585 page", "url": "https://www.suse.com/security/cve/CVE-2014-1585/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1587 page", "url": "https://www.suse.com/security/cve/CVE-2014-1587/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1589 page", "url": "https://www.suse.com/security/cve/CVE-2014-1589/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1590 page", "url": "https://www.suse.com/security/cve/CVE-2014-1590/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1591 page", "url": "https://www.suse.com/security/cve/CVE-2014-1591/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1592 page", "url": "https://www.suse.com/security/cve/CVE-2014-1592/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1593 page", "url": "https://www.suse.com/security/cve/CVE-2014-1593/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-1594 page", "url": "https://www.suse.com/security/cve/CVE-2014-1594/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-8634 page", "url": "https://www.suse.com/security/cve/CVE-2014-8634/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-8636 page", "url": "https://www.suse.com/security/cve/CVE-2014-8636/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-8637 page", "url": "https://www.suse.com/security/cve/CVE-2014-8637/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-8638 page", "url": "https://www.suse.com/security/cve/CVE-2014-8638/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-8639 page", "url": "https://www.suse.com/security/cve/CVE-2014-8639/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-8640 page", "url": "https://www.suse.com/security/cve/CVE-2014-8640/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-8641 page", "url": "https://www.suse.com/security/cve/CVE-2014-8641/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-8642 page", "url": "https://www.suse.com/security/cve/CVE-2014-8642/" }, { "category": "self", "summary": "SUSE CVE CVE-2014-8643 page", "url": "https://www.suse.com/security/cve/CVE-2014-8643/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0798 page", "url": "https://www.suse.com/security/cve/CVE-2015-0798/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0799 page", "url": "https://www.suse.com/security/cve/CVE-2015-0799/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0800 page", "url": "https://www.suse.com/security/cve/CVE-2015-0800/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0801 page", "url": "https://www.suse.com/security/cve/CVE-2015-0801/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0802 page", "url": "https://www.suse.com/security/cve/CVE-2015-0802/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0803 page", "url": "https://www.suse.com/security/cve/CVE-2015-0803/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0805 page", "url": "https://www.suse.com/security/cve/CVE-2015-0805/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0807 page", "url": "https://www.suse.com/security/cve/CVE-2015-0807/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0808 page", "url": "https://www.suse.com/security/cve/CVE-2015-0808/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0810 page", "url": "https://www.suse.com/security/cve/CVE-2015-0810/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0811 page", "url": "https://www.suse.com/security/cve/CVE-2015-0811/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0812 page", "url": "https://www.suse.com/security/cve/CVE-2015-0812/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0813 page", "url": "https://www.suse.com/security/cve/CVE-2015-0813/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0814 page", "url": "https://www.suse.com/security/cve/CVE-2015-0814/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0816 page", "url": "https://www.suse.com/security/cve/CVE-2015-0816/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0817 page", "url": "https://www.suse.com/security/cve/CVE-2015-0817/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0818 page", "url": "https://www.suse.com/security/cve/CVE-2015-0818/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0819 page", "url": "https://www.suse.com/security/cve/CVE-2015-0819/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0820 page", "url": "https://www.suse.com/security/cve/CVE-2015-0820/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0821 page", "url": "https://www.suse.com/security/cve/CVE-2015-0821/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0822 page", "url": "https://www.suse.com/security/cve/CVE-2015-0822/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0823 page", "url": "https://www.suse.com/security/cve/CVE-2015-0823/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0824 page", "url": "https://www.suse.com/security/cve/CVE-2015-0824/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0825 page", "url": "https://www.suse.com/security/cve/CVE-2015-0825/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0826 page", "url": "https://www.suse.com/security/cve/CVE-2015-0826/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0827 page", "url": "https://www.suse.com/security/cve/CVE-2015-0827/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0828 page", "url": "https://www.suse.com/security/cve/CVE-2015-0828/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0829 page", "url": "https://www.suse.com/security/cve/CVE-2015-0829/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0830 page", "url": "https://www.suse.com/security/cve/CVE-2015-0830/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0831 page", "url": "https://www.suse.com/security/cve/CVE-2015-0831/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0832 page", "url": "https://www.suse.com/security/cve/CVE-2015-0832/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0833 page", "url": "https://www.suse.com/security/cve/CVE-2015-0833/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0834 page", "url": "https://www.suse.com/security/cve/CVE-2015-0834/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-0835 page", "url": "https://www.suse.com/security/cve/CVE-2015-0835/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2706 page", "url": "https://www.suse.com/security/cve/CVE-2015-2706/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2708 page", "url": "https://www.suse.com/security/cve/CVE-2015-2708/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2710 page", "url": "https://www.suse.com/security/cve/CVE-2015-2710/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2711 page", "url": "https://www.suse.com/security/cve/CVE-2015-2711/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2712 page", "url": "https://www.suse.com/security/cve/CVE-2015-2712/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2713 page", "url": "https://www.suse.com/security/cve/CVE-2015-2713/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2715 page", "url": "https://www.suse.com/security/cve/CVE-2015-2715/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2716 page", "url": "https://www.suse.com/security/cve/CVE-2015-2716/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2717 page", "url": "https://www.suse.com/security/cve/CVE-2015-2717/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2718 page", "url": "https://www.suse.com/security/cve/CVE-2015-2718/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2721 page", "url": "https://www.suse.com/security/cve/CVE-2015-2721/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2722 page", "url": "https://www.suse.com/security/cve/CVE-2015-2722/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2724 page", "url": "https://www.suse.com/security/cve/CVE-2015-2724/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2727 page", "url": "https://www.suse.com/security/cve/CVE-2015-2727/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2728 page", "url": "https://www.suse.com/security/cve/CVE-2015-2728/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2729 page", "url": "https://www.suse.com/security/cve/CVE-2015-2729/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2730 page", "url": "https://www.suse.com/security/cve/CVE-2015-2730/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2731 page", "url": "https://www.suse.com/security/cve/CVE-2015-2731/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2734 page", "url": "https://www.suse.com/security/cve/CVE-2015-2734/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2738 page", "url": "https://www.suse.com/security/cve/CVE-2015-2738/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2741 page", "url": "https://www.suse.com/security/cve/CVE-2015-2741/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2742 page", "url": "https://www.suse.com/security/cve/CVE-2015-2742/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-2743 page", "url": "https://www.suse.com/security/cve/CVE-2015-2743/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4000 page", "url": "https://www.suse.com/security/cve/CVE-2015-4000/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4473 page", "url": "https://www.suse.com/security/cve/CVE-2015-4473/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4475 page", "url": "https://www.suse.com/security/cve/CVE-2015-4475/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4476 page", "url": "https://www.suse.com/security/cve/CVE-2015-4476/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4477 page", "url": "https://www.suse.com/security/cve/CVE-2015-4477/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4478 page", "url": "https://www.suse.com/security/cve/CVE-2015-4478/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4479 page", "url": "https://www.suse.com/security/cve/CVE-2015-4479/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4481 page", "url": "https://www.suse.com/security/cve/CVE-2015-4481/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4482 page", "url": "https://www.suse.com/security/cve/CVE-2015-4482/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4483 page", "url": "https://www.suse.com/security/cve/CVE-2015-4483/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4484 page", "url": "https://www.suse.com/security/cve/CVE-2015-4484/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4485 page", "url": "https://www.suse.com/security/cve/CVE-2015-4485/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4487 page", "url": "https://www.suse.com/security/cve/CVE-2015-4487/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4490 page", "url": "https://www.suse.com/security/cve/CVE-2015-4490/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4491 page", "url": "https://www.suse.com/security/cve/CVE-2015-4491/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4492 page", "url": "https://www.suse.com/security/cve/CVE-2015-4492/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4495 page", "url": "https://www.suse.com/security/cve/CVE-2015-4495/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4497 page", "url": "https://www.suse.com/security/cve/CVE-2015-4497/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4498 page", "url": "https://www.suse.com/security/cve/CVE-2015-4498/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4500 page", "url": "https://www.suse.com/security/cve/CVE-2015-4500/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4502 page", "url": "https://www.suse.com/security/cve/CVE-2015-4502/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4503 page", "url": "https://www.suse.com/security/cve/CVE-2015-4503/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4504 page", "url": "https://www.suse.com/security/cve/CVE-2015-4504/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4505 page", "url": "https://www.suse.com/security/cve/CVE-2015-4505/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4506 page", "url": "https://www.suse.com/security/cve/CVE-2015-4506/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4507 page", "url": "https://www.suse.com/security/cve/CVE-2015-4507/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4508 page", "url": "https://www.suse.com/security/cve/CVE-2015-4508/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4509 page", "url": "https://www.suse.com/security/cve/CVE-2015-4509/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4510 page", "url": "https://www.suse.com/security/cve/CVE-2015-4510/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4511 page", "url": "https://www.suse.com/security/cve/CVE-2015-4511/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4512 page", "url": "https://www.suse.com/security/cve/CVE-2015-4512/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4513 page", "url": "https://www.suse.com/security/cve/CVE-2015-4513/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4515 page", "url": "https://www.suse.com/security/cve/CVE-2015-4515/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4516 page", "url": "https://www.suse.com/security/cve/CVE-2015-4516/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4517 page", "url": "https://www.suse.com/security/cve/CVE-2015-4517/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4518 page", "url": "https://www.suse.com/security/cve/CVE-2015-4518/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4519 page", "url": "https://www.suse.com/security/cve/CVE-2015-4519/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-4520 page", "url": "https://www.suse.com/security/cve/CVE-2015-4520/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7174 page", "url": "https://www.suse.com/security/cve/CVE-2015-7174/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7178 page", "url": "https://www.suse.com/security/cve/CVE-2015-7178/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7180 page", "url": "https://www.suse.com/security/cve/CVE-2015-7180/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7181 page", "url": "https://www.suse.com/security/cve/CVE-2015-7181/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7184 page", "url": "https://www.suse.com/security/cve/CVE-2015-7184/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7185 page", "url": "https://www.suse.com/security/cve/CVE-2015-7185/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7186 page", "url": "https://www.suse.com/security/cve/CVE-2015-7186/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7187 page", "url": "https://www.suse.com/security/cve/CVE-2015-7187/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7188 page", "url": "https://www.suse.com/security/cve/CVE-2015-7188/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7189 page", "url": "https://www.suse.com/security/cve/CVE-2015-7189/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7190 page", "url": "https://www.suse.com/security/cve/CVE-2015-7190/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7191 page", "url": "https://www.suse.com/security/cve/CVE-2015-7191/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7192 page", "url": "https://www.suse.com/security/cve/CVE-2015-7192/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7193 page", "url": "https://www.suse.com/security/cve/CVE-2015-7193/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7194 page", "url": "https://www.suse.com/security/cve/CVE-2015-7194/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7195 page", "url": "https://www.suse.com/security/cve/CVE-2015-7195/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7196 page", "url": "https://www.suse.com/security/cve/CVE-2015-7196/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7197 page", "url": "https://www.suse.com/security/cve/CVE-2015-7197/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7198 page", "url": "https://www.suse.com/security/cve/CVE-2015-7198/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7201 page", "url": "https://www.suse.com/security/cve/CVE-2015-7201/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7203 page", "url": "https://www.suse.com/security/cve/CVE-2015-7203/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7204 page", "url": "https://www.suse.com/security/cve/CVE-2015-7204/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7205 page", "url": "https://www.suse.com/security/cve/CVE-2015-7205/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7207 page", "url": "https://www.suse.com/security/cve/CVE-2015-7207/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7208 page", "url": "https://www.suse.com/security/cve/CVE-2015-7208/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7210 page", "url": "https://www.suse.com/security/cve/CVE-2015-7210/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7211 page", "url": "https://www.suse.com/security/cve/CVE-2015-7211/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7212 page", "url": "https://www.suse.com/security/cve/CVE-2015-7212/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7213 page", "url": "https://www.suse.com/security/cve/CVE-2015-7213/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7214 page", "url": "https://www.suse.com/security/cve/CVE-2015-7214/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7215 page", "url": "https://www.suse.com/security/cve/CVE-2015-7215/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7216 page", "url": "https://www.suse.com/security/cve/CVE-2015-7216/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7218 page", "url": "https://www.suse.com/security/cve/CVE-2015-7218/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7222 page", "url": "https://www.suse.com/security/cve/CVE-2015-7222/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7223 page", "url": "https://www.suse.com/security/cve/CVE-2015-7223/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-7575 page", "url": "https://www.suse.com/security/cve/CVE-2015-7575/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-0718 page", "url": "https://www.suse.com/security/cve/CVE-2016-0718/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1930 page", "url": "https://www.suse.com/security/cve/CVE-2016-1930/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1933 page", "url": "https://www.suse.com/security/cve/CVE-2016-1933/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1935 page", "url": "https://www.suse.com/security/cve/CVE-2016-1935/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1937 page", "url": "https://www.suse.com/security/cve/CVE-2016-1937/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1938 page", "url": "https://www.suse.com/security/cve/CVE-2016-1938/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1942 page", "url": "https://www.suse.com/security/cve/CVE-2016-1942/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1944 page", "url": "https://www.suse.com/security/cve/CVE-2016-1944/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1947 page", "url": "https://www.suse.com/security/cve/CVE-2016-1947/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1949 page", "url": "https://www.suse.com/security/cve/CVE-2016-1949/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1950 page", "url": "https://www.suse.com/security/cve/CVE-2016-1950/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1952 page", "url": "https://www.suse.com/security/cve/CVE-2016-1952/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1954 page", "url": "https://www.suse.com/security/cve/CVE-2016-1954/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1955 page", "url": "https://www.suse.com/security/cve/CVE-2016-1955/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1956 page", "url": "https://www.suse.com/security/cve/CVE-2016-1956/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1957 page", "url": "https://www.suse.com/security/cve/CVE-2016-1957/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1958 page", "url": "https://www.suse.com/security/cve/CVE-2016-1958/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1959 page", "url": "https://www.suse.com/security/cve/CVE-2016-1959/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1960 page", "url": "https://www.suse.com/security/cve/CVE-2016-1960/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1961 page", "url": "https://www.suse.com/security/cve/CVE-2016-1961/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1962 page", "url": "https://www.suse.com/security/cve/CVE-2016-1962/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1963 page", "url": "https://www.suse.com/security/cve/CVE-2016-1963/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1964 page", "url": "https://www.suse.com/security/cve/CVE-2016-1964/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1965 page", "url": "https://www.suse.com/security/cve/CVE-2016-1965/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1966 page", "url": "https://www.suse.com/security/cve/CVE-2016-1966/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1967 page", "url": "https://www.suse.com/security/cve/CVE-2016-1967/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1968 page", "url": "https://www.suse.com/security/cve/CVE-2016-1968/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1970 page", "url": "https://www.suse.com/security/cve/CVE-2016-1970/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1973 page", "url": "https://www.suse.com/security/cve/CVE-2016-1973/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1974 page", "url": "https://www.suse.com/security/cve/CVE-2016-1974/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1976 page", "url": "https://www.suse.com/security/cve/CVE-2016-1976/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1977 page", "url": "https://www.suse.com/security/cve/CVE-2016-1977/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-1979 page", "url": "https://www.suse.com/security/cve/CVE-2016-1979/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2792 page", "url": "https://www.suse.com/security/cve/CVE-2016-2792/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2796 page", "url": "https://www.suse.com/security/cve/CVE-2016-2796/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2800 page", "url": "https://www.suse.com/security/cve/CVE-2016-2800/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2804 page", "url": "https://www.suse.com/security/cve/CVE-2016-2804/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2808 page", "url": "https://www.suse.com/security/cve/CVE-2016-2808/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2809 page", "url": "https://www.suse.com/security/cve/CVE-2016-2809/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2810 page", "url": "https://www.suse.com/security/cve/CVE-2016-2810/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2811 page", "url": "https://www.suse.com/security/cve/CVE-2016-2811/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2813 page", "url": "https://www.suse.com/security/cve/CVE-2016-2813/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2814 page", "url": "https://www.suse.com/security/cve/CVE-2016-2814/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2815 page", "url": "https://www.suse.com/security/cve/CVE-2016-2815/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2816 page", "url": "https://www.suse.com/security/cve/CVE-2016-2816/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2817 page", "url": "https://www.suse.com/security/cve/CVE-2016-2817/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2819 page", "url": "https://www.suse.com/security/cve/CVE-2016-2819/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2820 page", "url": "https://www.suse.com/security/cve/CVE-2016-2820/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2821 page", "url": "https://www.suse.com/security/cve/CVE-2016-2821/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2822 page", "url": "https://www.suse.com/security/cve/CVE-2016-2822/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2824 page", "url": "https://www.suse.com/security/cve/CVE-2016-2824/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2825 page", "url": "https://www.suse.com/security/cve/CVE-2016-2825/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2827 page", "url": "https://www.suse.com/security/cve/CVE-2016-2827/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2828 page", "url": "https://www.suse.com/security/cve/CVE-2016-2828/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2829 page", "url": "https://www.suse.com/security/cve/CVE-2016-2829/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2830 page", "url": "https://www.suse.com/security/cve/CVE-2016-2830/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2831 page", "url": "https://www.suse.com/security/cve/CVE-2016-2831/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2832 page", "url": "https://www.suse.com/security/cve/CVE-2016-2832/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2833 page", "url": "https://www.suse.com/security/cve/CVE-2016-2833/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2834 page", "url": "https://www.suse.com/security/cve/CVE-2016-2834/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2835 page", "url": "https://www.suse.com/security/cve/CVE-2016-2835/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2837 page", "url": "https://www.suse.com/security/cve/CVE-2016-2837/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2838 page", "url": "https://www.suse.com/security/cve/CVE-2016-2838/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-2839 page", "url": "https://www.suse.com/security/cve/CVE-2016-2839/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5250 page", "url": "https://www.suse.com/security/cve/CVE-2016-5250/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5251 page", "url": "https://www.suse.com/security/cve/CVE-2016-5251/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5252 page", "url": "https://www.suse.com/security/cve/CVE-2016-5252/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5253 page", "url": "https://www.suse.com/security/cve/CVE-2016-5253/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5254 page", "url": "https://www.suse.com/security/cve/CVE-2016-5254/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5255 page", "url": "https://www.suse.com/security/cve/CVE-2016-5255/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5256 page", "url": "https://www.suse.com/security/cve/CVE-2016-5256/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5257 page", "url": "https://www.suse.com/security/cve/CVE-2016-5257/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5258 page", "url": "https://www.suse.com/security/cve/CVE-2016-5258/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5259 page", "url": "https://www.suse.com/security/cve/CVE-2016-5259/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5260 page", "url": "https://www.suse.com/security/cve/CVE-2016-5260/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5261 page", "url": "https://www.suse.com/security/cve/CVE-2016-5261/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5262 page", "url": "https://www.suse.com/security/cve/CVE-2016-5262/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5263 page", "url": "https://www.suse.com/security/cve/CVE-2016-5263/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5264 page", "url": "https://www.suse.com/security/cve/CVE-2016-5264/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5265 page", "url": "https://www.suse.com/security/cve/CVE-2016-5265/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5266 page", "url": "https://www.suse.com/security/cve/CVE-2016-5266/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5267 page", "url": "https://www.suse.com/security/cve/CVE-2016-5267/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5268 page", "url": "https://www.suse.com/security/cve/CVE-2016-5268/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5270 page", "url": "https://www.suse.com/security/cve/CVE-2016-5270/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5271 page", "url": "https://www.suse.com/security/cve/CVE-2016-5271/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5272 page", "url": "https://www.suse.com/security/cve/CVE-2016-5272/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5273 page", "url": "https://www.suse.com/security/cve/CVE-2016-5273/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5274 page", "url": "https://www.suse.com/security/cve/CVE-2016-5274/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5275 page", "url": "https://www.suse.com/security/cve/CVE-2016-5275/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5276 page", "url": "https://www.suse.com/security/cve/CVE-2016-5276/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5277 page", "url": "https://www.suse.com/security/cve/CVE-2016-5277/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5278 page", "url": "https://www.suse.com/security/cve/CVE-2016-5278/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5279 page", "url": "https://www.suse.com/security/cve/CVE-2016-5279/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5280 page", "url": "https://www.suse.com/security/cve/CVE-2016-5280/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5281 page", "url": "https://www.suse.com/security/cve/CVE-2016-5281/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5282 page", "url": "https://www.suse.com/security/cve/CVE-2016-5282/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5283 page", "url": "https://www.suse.com/security/cve/CVE-2016-5283/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5284 page", "url": "https://www.suse.com/security/cve/CVE-2016-5284/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5287 page", "url": "https://www.suse.com/security/cve/CVE-2016-5287/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5288 page", "url": "https://www.suse.com/security/cve/CVE-2016-5288/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5289 page", "url": "https://www.suse.com/security/cve/CVE-2016-5289/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5290 page", "url": "https://www.suse.com/security/cve/CVE-2016-5290/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5291 page", "url": "https://www.suse.com/security/cve/CVE-2016-5291/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5292 page", "url": "https://www.suse.com/security/cve/CVE-2016-5292/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5293 page", "url": "https://www.suse.com/security/cve/CVE-2016-5293/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5294 page", "url": "https://www.suse.com/security/cve/CVE-2016-5294/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5295 page", "url": "https://www.suse.com/security/cve/CVE-2016-5295/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5296 page", "url": "https://www.suse.com/security/cve/CVE-2016-5296/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5297 page", "url": "https://www.suse.com/security/cve/CVE-2016-5297/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5298 page", "url": "https://www.suse.com/security/cve/CVE-2016-5298/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-5299 page", "url": "https://www.suse.com/security/cve/CVE-2016-5299/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-6354 page", "url": "https://www.suse.com/security/cve/CVE-2016-6354/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9061 page", "url": "https://www.suse.com/security/cve/CVE-2016-9061/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9062 page", "url": "https://www.suse.com/security/cve/CVE-2016-9062/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9063 page", "url": "https://www.suse.com/security/cve/CVE-2016-9063/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9064 page", "url": "https://www.suse.com/security/cve/CVE-2016-9064/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9065 page", "url": "https://www.suse.com/security/cve/CVE-2016-9065/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9066 page", "url": "https://www.suse.com/security/cve/CVE-2016-9066/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9067 page", "url": "https://www.suse.com/security/cve/CVE-2016-9067/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9068 page", "url": "https://www.suse.com/security/cve/CVE-2016-9068/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9069 page", "url": "https://www.suse.com/security/cve/CVE-2016-9069/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9070 page", "url": "https://www.suse.com/security/cve/CVE-2016-9070/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9071 page", "url": "https://www.suse.com/security/cve/CVE-2016-9071/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9072 page", "url": "https://www.suse.com/security/cve/CVE-2016-9072/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9073 page", "url": "https://www.suse.com/security/cve/CVE-2016-9073/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9074 page", "url": "https://www.suse.com/security/cve/CVE-2016-9074/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9075 page", "url": "https://www.suse.com/security/cve/CVE-2016-9075/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9076 page", "url": "https://www.suse.com/security/cve/CVE-2016-9076/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9077 page", "url": "https://www.suse.com/security/cve/CVE-2016-9077/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9078 page", "url": "https://www.suse.com/security/cve/CVE-2016-9078/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9079 page", "url": "https://www.suse.com/security/cve/CVE-2016-9079/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9080 page", "url": "https://www.suse.com/security/cve/CVE-2016-9080/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9893 page", "url": "https://www.suse.com/security/cve/CVE-2016-9893/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9894 page", "url": "https://www.suse.com/security/cve/CVE-2016-9894/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9895 page", "url": "https://www.suse.com/security/cve/CVE-2016-9895/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9896 page", "url": "https://www.suse.com/security/cve/CVE-2016-9896/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9897 page", "url": "https://www.suse.com/security/cve/CVE-2016-9897/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9898 page", "url": "https://www.suse.com/security/cve/CVE-2016-9898/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9899 page", "url": "https://www.suse.com/security/cve/CVE-2016-9899/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9900 page", "url": "https://www.suse.com/security/cve/CVE-2016-9900/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9901 page", "url": "https://www.suse.com/security/cve/CVE-2016-9901/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9902 page", "url": "https://www.suse.com/security/cve/CVE-2016-9902/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9903 page", "url": "https://www.suse.com/security/cve/CVE-2016-9903/" }, { "category": "self", "summary": "SUSE CVE CVE-2016-9904 page", "url": "https://www.suse.com/security/cve/CVE-2016-9904/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-16541 page", "url": "https://www.suse.com/security/cve/CVE-2017-16541/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5373 page", "url": "https://www.suse.com/security/cve/CVE-2017-5373/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5374 page", "url": "https://www.suse.com/security/cve/CVE-2017-5374/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5375 page", "url": "https://www.suse.com/security/cve/CVE-2017-5375/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5376 page", "url": "https://www.suse.com/security/cve/CVE-2017-5376/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5377 page", "url": "https://www.suse.com/security/cve/CVE-2017-5377/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5378 page", "url": "https://www.suse.com/security/cve/CVE-2017-5378/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5379 page", "url": "https://www.suse.com/security/cve/CVE-2017-5379/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5380 page", "url": "https://www.suse.com/security/cve/CVE-2017-5380/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5381 page", "url": "https://www.suse.com/security/cve/CVE-2017-5381/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5382 page", "url": "https://www.suse.com/security/cve/CVE-2017-5382/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5383 page", "url": "https://www.suse.com/security/cve/CVE-2017-5383/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5384 page", "url": "https://www.suse.com/security/cve/CVE-2017-5384/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5385 page", "url": "https://www.suse.com/security/cve/CVE-2017-5385/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5386 page", "url": "https://www.suse.com/security/cve/CVE-2017-5386/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5387 page", "url": "https://www.suse.com/security/cve/CVE-2017-5387/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5388 page", "url": "https://www.suse.com/security/cve/CVE-2017-5388/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5389 page", "url": "https://www.suse.com/security/cve/CVE-2017-5389/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5390 page", "url": "https://www.suse.com/security/cve/CVE-2017-5390/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5391 page", "url": "https://www.suse.com/security/cve/CVE-2017-5391/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5392 page", "url": "https://www.suse.com/security/cve/CVE-2017-5392/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5393 page", "url": "https://www.suse.com/security/cve/CVE-2017-5393/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5394 page", "url": "https://www.suse.com/security/cve/CVE-2017-5394/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5395 page", "url": "https://www.suse.com/security/cve/CVE-2017-5395/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5396 page", "url": "https://www.suse.com/security/cve/CVE-2017-5396/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5398 page", "url": "https://www.suse.com/security/cve/CVE-2017-5398/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5399 page", "url": "https://www.suse.com/security/cve/CVE-2017-5399/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5400 page", "url": "https://www.suse.com/security/cve/CVE-2017-5400/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5401 page", "url": "https://www.suse.com/security/cve/CVE-2017-5401/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5402 page", "url": "https://www.suse.com/security/cve/CVE-2017-5402/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5403 page", "url": "https://www.suse.com/security/cve/CVE-2017-5403/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5404 page", "url": "https://www.suse.com/security/cve/CVE-2017-5404/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5405 page", "url": "https://www.suse.com/security/cve/CVE-2017-5405/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5406 page", "url": "https://www.suse.com/security/cve/CVE-2017-5406/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5407 page", "url": "https://www.suse.com/security/cve/CVE-2017-5407/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5408 page", "url": "https://www.suse.com/security/cve/CVE-2017-5408/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5410 page", "url": "https://www.suse.com/security/cve/CVE-2017-5410/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5412 page", "url": "https://www.suse.com/security/cve/CVE-2017-5412/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5413 page", "url": "https://www.suse.com/security/cve/CVE-2017-5413/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5414 page", "url": "https://www.suse.com/security/cve/CVE-2017-5414/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5415 page", "url": "https://www.suse.com/security/cve/CVE-2017-5415/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5416 page", "url": "https://www.suse.com/security/cve/CVE-2017-5416/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5417 page", "url": "https://www.suse.com/security/cve/CVE-2017-5417/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5418 page", "url": "https://www.suse.com/security/cve/CVE-2017-5418/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5419 page", "url": "https://www.suse.com/security/cve/CVE-2017-5419/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5420 page", "url": "https://www.suse.com/security/cve/CVE-2017-5420/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5421 page", "url": "https://www.suse.com/security/cve/CVE-2017-5421/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5422 page", "url": "https://www.suse.com/security/cve/CVE-2017-5422/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5426 page", "url": "https://www.suse.com/security/cve/CVE-2017-5426/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5427 page", "url": "https://www.suse.com/security/cve/CVE-2017-5427/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5428 page", "url": "https://www.suse.com/security/cve/CVE-2017-5428/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5429 page", "url": "https://www.suse.com/security/cve/CVE-2017-5429/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5430 page", "url": "https://www.suse.com/security/cve/CVE-2017-5430/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5432 page", "url": "https://www.suse.com/security/cve/CVE-2017-5432/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5433 page", "url": "https://www.suse.com/security/cve/CVE-2017-5433/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5434 page", "url": "https://www.suse.com/security/cve/CVE-2017-5434/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5435 page", "url": "https://www.suse.com/security/cve/CVE-2017-5435/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5436 page", "url": "https://www.suse.com/security/cve/CVE-2017-5436/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5437 page", "url": "https://www.suse.com/security/cve/CVE-2017-5437/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5438 page", "url": "https://www.suse.com/security/cve/CVE-2017-5438/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5439 page", "url": "https://www.suse.com/security/cve/CVE-2017-5439/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5440 page", "url": "https://www.suse.com/security/cve/CVE-2017-5440/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5441 page", "url": "https://www.suse.com/security/cve/CVE-2017-5441/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5442 page", "url": "https://www.suse.com/security/cve/CVE-2017-5442/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5443 page", "url": "https://www.suse.com/security/cve/CVE-2017-5443/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5444 page", "url": "https://www.suse.com/security/cve/CVE-2017-5444/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5445 page", "url": "https://www.suse.com/security/cve/CVE-2017-5445/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5446 page", "url": "https://www.suse.com/security/cve/CVE-2017-5446/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5447 page", "url": "https://www.suse.com/security/cve/CVE-2017-5447/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5448 page", "url": "https://www.suse.com/security/cve/CVE-2017-5448/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5449 page", "url": "https://www.suse.com/security/cve/CVE-2017-5449/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5451 page", "url": "https://www.suse.com/security/cve/CVE-2017-5451/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5453 page", "url": "https://www.suse.com/security/cve/CVE-2017-5453/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5454 page", "url": "https://www.suse.com/security/cve/CVE-2017-5454/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5455 page", "url": "https://www.suse.com/security/cve/CVE-2017-5455/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5456 page", "url": "https://www.suse.com/security/cve/CVE-2017-5456/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5458 page", "url": "https://www.suse.com/security/cve/CVE-2017-5458/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5459 page", "url": "https://www.suse.com/security/cve/CVE-2017-5459/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5460 page", "url": "https://www.suse.com/security/cve/CVE-2017-5460/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5461 page", "url": "https://www.suse.com/security/cve/CVE-2017-5461/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5462 page", "url": "https://www.suse.com/security/cve/CVE-2017-5462/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5464 page", "url": "https://www.suse.com/security/cve/CVE-2017-5464/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5465 page", "url": "https://www.suse.com/security/cve/CVE-2017-5465/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5466 page", "url": "https://www.suse.com/security/cve/CVE-2017-5466/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5467 page", "url": "https://www.suse.com/security/cve/CVE-2017-5467/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5468 page", "url": "https://www.suse.com/security/cve/CVE-2017-5468/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5469 page", "url": "https://www.suse.com/security/cve/CVE-2017-5469/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7753 page", "url": "https://www.suse.com/security/cve/CVE-2017-7753/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7779 page", "url": "https://www.suse.com/security/cve/CVE-2017-7779/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7780 page", "url": "https://www.suse.com/security/cve/CVE-2017-7780/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7781 page", "url": "https://www.suse.com/security/cve/CVE-2017-7781/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7782 page", "url": "https://www.suse.com/security/cve/CVE-2017-7782/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7783 page", "url": "https://www.suse.com/security/cve/CVE-2017-7783/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7784 page", "url": "https://www.suse.com/security/cve/CVE-2017-7784/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7785 page", "url": "https://www.suse.com/security/cve/CVE-2017-7785/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7786 page", "url": "https://www.suse.com/security/cve/CVE-2017-7786/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7787 page", "url": "https://www.suse.com/security/cve/CVE-2017-7787/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7788 page", "url": "https://www.suse.com/security/cve/CVE-2017-7788/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7789 page", "url": "https://www.suse.com/security/cve/CVE-2017-7789/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7790 page", "url": "https://www.suse.com/security/cve/CVE-2017-7790/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7791 page", "url": "https://www.suse.com/security/cve/CVE-2017-7791/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7792 page", "url": "https://www.suse.com/security/cve/CVE-2017-7792/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7793 page", "url": "https://www.suse.com/security/cve/CVE-2017-7793/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7794 page", "url": "https://www.suse.com/security/cve/CVE-2017-7794/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7796 page", "url": "https://www.suse.com/security/cve/CVE-2017-7796/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7797 page", "url": "https://www.suse.com/security/cve/CVE-2017-7797/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7798 page", "url": "https://www.suse.com/security/cve/CVE-2017-7798/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7799 page", "url": "https://www.suse.com/security/cve/CVE-2017-7799/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7800 page", "url": "https://www.suse.com/security/cve/CVE-2017-7800/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7801 page", "url": "https://www.suse.com/security/cve/CVE-2017-7801/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7802 page", "url": "https://www.suse.com/security/cve/CVE-2017-7802/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7803 page", "url": "https://www.suse.com/security/cve/CVE-2017-7803/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7804 page", "url": "https://www.suse.com/security/cve/CVE-2017-7804/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7805 page", "url": "https://www.suse.com/security/cve/CVE-2017-7805/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7806 page", "url": "https://www.suse.com/security/cve/CVE-2017-7806/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7807 page", "url": "https://www.suse.com/security/cve/CVE-2017-7807/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7808 page", "url": "https://www.suse.com/security/cve/CVE-2017-7808/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7809 page", "url": "https://www.suse.com/security/cve/CVE-2017-7809/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7810 page", "url": "https://www.suse.com/security/cve/CVE-2017-7810/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7811 page", "url": "https://www.suse.com/security/cve/CVE-2017-7811/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7812 page", "url": "https://www.suse.com/security/cve/CVE-2017-7812/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7813 page", "url": "https://www.suse.com/security/cve/CVE-2017-7813/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7814 page", "url": "https://www.suse.com/security/cve/CVE-2017-7814/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7815 page", "url": "https://www.suse.com/security/cve/CVE-2017-7815/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7816 page", "url": "https://www.suse.com/security/cve/CVE-2017-7816/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7817 page", "url": "https://www.suse.com/security/cve/CVE-2017-7817/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7818 page", "url": "https://www.suse.com/security/cve/CVE-2017-7818/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7819 page", "url": "https://www.suse.com/security/cve/CVE-2017-7819/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7820 page", "url": "https://www.suse.com/security/cve/CVE-2017-7820/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7821 page", "url": "https://www.suse.com/security/cve/CVE-2017-7821/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7822 page", "url": "https://www.suse.com/security/cve/CVE-2017-7822/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7823 page", "url": "https://www.suse.com/security/cve/CVE-2017-7823/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7824 page", "url": "https://www.suse.com/security/cve/CVE-2017-7824/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7825 page", "url": "https://www.suse.com/security/cve/CVE-2017-7825/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7826 page", "url": "https://www.suse.com/security/cve/CVE-2017-7826/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7827 page", "url": "https://www.suse.com/security/cve/CVE-2017-7827/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7828 page", "url": "https://www.suse.com/security/cve/CVE-2017-7828/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7830 page", "url": "https://www.suse.com/security/cve/CVE-2017-7830/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7831 page", "url": "https://www.suse.com/security/cve/CVE-2017-7831/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7832 page", "url": "https://www.suse.com/security/cve/CVE-2017-7832/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7833 page", "url": "https://www.suse.com/security/cve/CVE-2017-7833/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7834 page", "url": "https://www.suse.com/security/cve/CVE-2017-7834/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7835 page", "url": "https://www.suse.com/security/cve/CVE-2017-7835/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7836 page", "url": "https://www.suse.com/security/cve/CVE-2017-7836/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7837 page", "url": "https://www.suse.com/security/cve/CVE-2017-7837/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7838 page", "url": "https://www.suse.com/security/cve/CVE-2017-7838/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7839 page", "url": "https://www.suse.com/security/cve/CVE-2017-7839/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7840 page", "url": "https://www.suse.com/security/cve/CVE-2017-7840/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7842 page", "url": "https://www.suse.com/security/cve/CVE-2017-7842/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7843 page", "url": "https://www.suse.com/security/cve/CVE-2017-7843/" }, { "category": "self", "summary": "SUSE CVE CVE-2017-7844 page", "url": "https://www.suse.com/security/cve/CVE-2017-7844/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12358 page", "url": "https://www.suse.com/security/cve/CVE-2018-12358/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12359 page", "url": "https://www.suse.com/security/cve/CVE-2018-12359/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12360 page", "url": "https://www.suse.com/security/cve/CVE-2018-12360/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12361 page", "url": "https://www.suse.com/security/cve/CVE-2018-12361/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12362 page", "url": "https://www.suse.com/security/cve/CVE-2018-12362/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12363 page", "url": "https://www.suse.com/security/cve/CVE-2018-12363/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12364 page", "url": "https://www.suse.com/security/cve/CVE-2018-12364/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12365 page", "url": "https://www.suse.com/security/cve/CVE-2018-12365/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12366 page", "url": "https://www.suse.com/security/cve/CVE-2018-12366/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12367 page", "url": "https://www.suse.com/security/cve/CVE-2018-12367/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12369 page", "url": "https://www.suse.com/security/cve/CVE-2018-12369/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12370 page", "url": "https://www.suse.com/security/cve/CVE-2018-12370/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12371 page", "url": "https://www.suse.com/security/cve/CVE-2018-12371/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12375 page", "url": "https://www.suse.com/security/cve/CVE-2018-12375/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12376 page", "url": "https://www.suse.com/security/cve/CVE-2018-12376/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12377 page", "url": "https://www.suse.com/security/cve/CVE-2018-12377/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12378 page", "url": "https://www.suse.com/security/cve/CVE-2018-12378/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12379 page", "url": "https://www.suse.com/security/cve/CVE-2018-12379/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12381 page", "url": "https://www.suse.com/security/cve/CVE-2018-12381/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12382 page", "url": "https://www.suse.com/security/cve/CVE-2018-12382/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12383 page", "url": "https://www.suse.com/security/cve/CVE-2018-12383/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12385 page", "url": "https://www.suse.com/security/cve/CVE-2018-12385/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12386 page", "url": "https://www.suse.com/security/cve/CVE-2018-12386/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12387 page", "url": "https://www.suse.com/security/cve/CVE-2018-12387/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12388 page", "url": "https://www.suse.com/security/cve/CVE-2018-12388/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12390 page", "url": "https://www.suse.com/security/cve/CVE-2018-12390/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12391 page", "url": "https://www.suse.com/security/cve/CVE-2018-12391/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12392 page", "url": "https://www.suse.com/security/cve/CVE-2018-12392/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12393 page", "url": "https://www.suse.com/security/cve/CVE-2018-12393/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12395 page", "url": "https://www.suse.com/security/cve/CVE-2018-12395/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12396 page", "url": "https://www.suse.com/security/cve/CVE-2018-12396/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12397 page", "url": "https://www.suse.com/security/cve/CVE-2018-12397/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12398 page", "url": "https://www.suse.com/security/cve/CVE-2018-12398/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12399 page", "url": "https://www.suse.com/security/cve/CVE-2018-12399/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12400 page", "url": "https://www.suse.com/security/cve/CVE-2018-12400/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12401 page", "url": "https://www.suse.com/security/cve/CVE-2018-12401/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12402 page", "url": "https://www.suse.com/security/cve/CVE-2018-12402/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12403 page", "url": "https://www.suse.com/security/cve/CVE-2018-12403/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12405 page", "url": "https://www.suse.com/security/cve/CVE-2018-12405/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12406 page", "url": "https://www.suse.com/security/cve/CVE-2018-12406/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-12407 page", "url": "https://www.suse.com/security/cve/CVE-2018-12407/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-17466 page", "url": "https://www.suse.com/security/cve/CVE-2018-17466/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-18356 page", "url": "https://www.suse.com/security/cve/CVE-2018-18356/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-18492 page", "url": "https://www.suse.com/security/cve/CVE-2018-18492/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-18493 page", "url": "https://www.suse.com/security/cve/CVE-2018-18493/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-18494 page", "url": "https://www.suse.com/security/cve/CVE-2018-18494/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-18495 page", "url": "https://www.suse.com/security/cve/CVE-2018-18495/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-18496 page", "url": "https://www.suse.com/security/cve/CVE-2018-18496/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-18497 page", "url": "https://www.suse.com/security/cve/CVE-2018-18497/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-18498 page", "url": "https://www.suse.com/security/cve/CVE-2018-18498/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-18500 page", "url": "https://www.suse.com/security/cve/CVE-2018-18500/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-18501 page", "url": "https://www.suse.com/security/cve/CVE-2018-18501/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-18502 page", "url": "https://www.suse.com/security/cve/CVE-2018-18502/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-18503 page", "url": "https://www.suse.com/security/cve/CVE-2018-18503/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-18504 page", "url": "https://www.suse.com/security/cve/CVE-2018-18504/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-18505 page", "url": "https://www.suse.com/security/cve/CVE-2018-18505/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-18506 page", "url": "https://www.suse.com/security/cve/CVE-2018-18506/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-18511 page", "url": "https://www.suse.com/security/cve/CVE-2018-18511/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5089 page", "url": "https://www.suse.com/security/cve/CVE-2018-5089/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5090 page", "url": "https://www.suse.com/security/cve/CVE-2018-5090/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5091 page", "url": "https://www.suse.com/security/cve/CVE-2018-5091/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5092 page", "url": "https://www.suse.com/security/cve/CVE-2018-5092/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5093 page", "url": "https://www.suse.com/security/cve/CVE-2018-5093/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5094 page", "url": "https://www.suse.com/security/cve/CVE-2018-5094/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5095 page", "url": "https://www.suse.com/security/cve/CVE-2018-5095/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5097 page", "url": "https://www.suse.com/security/cve/CVE-2018-5097/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5098 page", "url": "https://www.suse.com/security/cve/CVE-2018-5098/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5099 page", "url": "https://www.suse.com/security/cve/CVE-2018-5099/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5100 page", "url": "https://www.suse.com/security/cve/CVE-2018-5100/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5101 page", "url": "https://www.suse.com/security/cve/CVE-2018-5101/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5102 page", "url": "https://www.suse.com/security/cve/CVE-2018-5102/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5103 page", "url": "https://www.suse.com/security/cve/CVE-2018-5103/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5104 page", "url": "https://www.suse.com/security/cve/CVE-2018-5104/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5105 page", "url": "https://www.suse.com/security/cve/CVE-2018-5105/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5106 page", "url": "https://www.suse.com/security/cve/CVE-2018-5106/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5107 page", "url": "https://www.suse.com/security/cve/CVE-2018-5107/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5108 page", "url": "https://www.suse.com/security/cve/CVE-2018-5108/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5109 page", "url": "https://www.suse.com/security/cve/CVE-2018-5109/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5110 page", "url": "https://www.suse.com/security/cve/CVE-2018-5110/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5111 page", "url": "https://www.suse.com/security/cve/CVE-2018-5111/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5112 page", "url": "https://www.suse.com/security/cve/CVE-2018-5112/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5113 page", "url": "https://www.suse.com/security/cve/CVE-2018-5113/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5114 page", "url": "https://www.suse.com/security/cve/CVE-2018-5114/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5115 page", "url": "https://www.suse.com/security/cve/CVE-2018-5115/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5116 page", "url": "https://www.suse.com/security/cve/CVE-2018-5116/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5117 page", "url": "https://www.suse.com/security/cve/CVE-2018-5117/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5118 page", "url": "https://www.suse.com/security/cve/CVE-2018-5118/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5119 page", "url": "https://www.suse.com/security/cve/CVE-2018-5119/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5121 page", "url": "https://www.suse.com/security/cve/CVE-2018-5121/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5122 page", "url": "https://www.suse.com/security/cve/CVE-2018-5122/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5125 page", "url": "https://www.suse.com/security/cve/CVE-2018-5125/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5126 page", "url": "https://www.suse.com/security/cve/CVE-2018-5126/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5127 page", "url": "https://www.suse.com/security/cve/CVE-2018-5127/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5128 page", "url": "https://www.suse.com/security/cve/CVE-2018-5128/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5129 page", "url": "https://www.suse.com/security/cve/CVE-2018-5129/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5130 page", "url": "https://www.suse.com/security/cve/CVE-2018-5130/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5131 page", "url": "https://www.suse.com/security/cve/CVE-2018-5131/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5132 page", "url": "https://www.suse.com/security/cve/CVE-2018-5132/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5133 page", "url": "https://www.suse.com/security/cve/CVE-2018-5133/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5134 page", "url": "https://www.suse.com/security/cve/CVE-2018-5134/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5135 page", "url": "https://www.suse.com/security/cve/CVE-2018-5135/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5136 page", "url": "https://www.suse.com/security/cve/CVE-2018-5136/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5137 page", "url": "https://www.suse.com/security/cve/CVE-2018-5137/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5138 page", "url": "https://www.suse.com/security/cve/CVE-2018-5138/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5140 page", "url": "https://www.suse.com/security/cve/CVE-2018-5140/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5141 page", "url": "https://www.suse.com/security/cve/CVE-2018-5141/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5142 page", "url": "https://www.suse.com/security/cve/CVE-2018-5142/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5143 page", "url": "https://www.suse.com/security/cve/CVE-2018-5143/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5146 page", "url": "https://www.suse.com/security/cve/CVE-2018-5146/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5147 page", "url": "https://www.suse.com/security/cve/CVE-2018-5147/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5148 page", "url": "https://www.suse.com/security/cve/CVE-2018-5148/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5150 page", "url": "https://www.suse.com/security/cve/CVE-2018-5150/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5151 page", "url": "https://www.suse.com/security/cve/CVE-2018-5151/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5152 page", "url": "https://www.suse.com/security/cve/CVE-2018-5152/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5153 page", "url": "https://www.suse.com/security/cve/CVE-2018-5153/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5154 page", "url": "https://www.suse.com/security/cve/CVE-2018-5154/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5155 page", "url": "https://www.suse.com/security/cve/CVE-2018-5155/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5156 page", "url": "https://www.suse.com/security/cve/CVE-2018-5156/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5157 page", "url": "https://www.suse.com/security/cve/CVE-2018-5157/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5158 page", "url": "https://www.suse.com/security/cve/CVE-2018-5158/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5159 page", "url": "https://www.suse.com/security/cve/CVE-2018-5159/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5160 page", "url": "https://www.suse.com/security/cve/CVE-2018-5160/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5163 page", "url": "https://www.suse.com/security/cve/CVE-2018-5163/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5164 page", "url": "https://www.suse.com/security/cve/CVE-2018-5164/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5165 page", "url": "https://www.suse.com/security/cve/CVE-2018-5165/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5166 page", "url": "https://www.suse.com/security/cve/CVE-2018-5166/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5167 page", "url": "https://www.suse.com/security/cve/CVE-2018-5167/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5168 page", "url": "https://www.suse.com/security/cve/CVE-2018-5168/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5169 page", "url": "https://www.suse.com/security/cve/CVE-2018-5169/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5172 page", "url": "https://www.suse.com/security/cve/CVE-2018-5172/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5173 page", "url": "https://www.suse.com/security/cve/CVE-2018-5173/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5174 page", "url": "https://www.suse.com/security/cve/CVE-2018-5174/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5175 page", "url": "https://www.suse.com/security/cve/CVE-2018-5175/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5176 page", "url": "https://www.suse.com/security/cve/CVE-2018-5176/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5177 page", "url": "https://www.suse.com/security/cve/CVE-2018-5177/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5180 page", "url": "https://www.suse.com/security/cve/CVE-2018-5180/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5181 page", "url": "https://www.suse.com/security/cve/CVE-2018-5181/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5182 page", "url": "https://www.suse.com/security/cve/CVE-2018-5182/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5186 page", "url": "https://www.suse.com/security/cve/CVE-2018-5186/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5187 page", "url": "https://www.suse.com/security/cve/CVE-2018-5187/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-5188 page", "url": "https://www.suse.com/security/cve/CVE-2018-5188/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-6126 page", "url": "https://www.suse.com/security/cve/CVE-2018-6126/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-6156 page", "url": "https://www.suse.com/security/cve/CVE-2018-6156/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11691 page", "url": "https://www.suse.com/security/cve/CVE-2019-11691/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11692 page", "url": "https://www.suse.com/security/cve/CVE-2019-11692/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11693 page", "url": "https://www.suse.com/security/cve/CVE-2019-11693/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11694 page", "url": "https://www.suse.com/security/cve/CVE-2019-11694/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11695 page", "url": "https://www.suse.com/security/cve/CVE-2019-11695/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11696 page", "url": "https://www.suse.com/security/cve/CVE-2019-11696/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11697 page", "url": "https://www.suse.com/security/cve/CVE-2019-11697/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11698 page", "url": "https://www.suse.com/security/cve/CVE-2019-11698/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11699 page", "url": "https://www.suse.com/security/cve/CVE-2019-11699/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11700 page", "url": "https://www.suse.com/security/cve/CVE-2019-11700/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11701 page", "url": "https://www.suse.com/security/cve/CVE-2019-11701/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11707 page", "url": "https://www.suse.com/security/cve/CVE-2019-11707/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11708 page", "url": "https://www.suse.com/security/cve/CVE-2019-11708/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11709 page", "url": "https://www.suse.com/security/cve/CVE-2019-11709/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11710 page", "url": "https://www.suse.com/security/cve/CVE-2019-11710/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11711 page", "url": "https://www.suse.com/security/cve/CVE-2019-11711/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11712 page", "url": "https://www.suse.com/security/cve/CVE-2019-11712/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11713 page", "url": "https://www.suse.com/security/cve/CVE-2019-11713/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11714 page", "url": "https://www.suse.com/security/cve/CVE-2019-11714/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11715 page", "url": "https://www.suse.com/security/cve/CVE-2019-11715/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11716 page", "url": "https://www.suse.com/security/cve/CVE-2019-11716/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11717 page", "url": "https://www.suse.com/security/cve/CVE-2019-11717/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11718 page", "url": "https://www.suse.com/security/cve/CVE-2019-11718/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11719 page", "url": "https://www.suse.com/security/cve/CVE-2019-11719/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11720 page", "url": "https://www.suse.com/security/cve/CVE-2019-11720/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11721 page", "url": "https://www.suse.com/security/cve/CVE-2019-11721/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11723 page", "url": "https://www.suse.com/security/cve/CVE-2019-11723/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11724 page", "url": "https://www.suse.com/security/cve/CVE-2019-11724/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11725 page", "url": "https://www.suse.com/security/cve/CVE-2019-11725/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11727 page", "url": "https://www.suse.com/security/cve/CVE-2019-11727/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11728 page", "url": "https://www.suse.com/security/cve/CVE-2019-11728/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11729 page", "url": "https://www.suse.com/security/cve/CVE-2019-11729/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11730 page", "url": "https://www.suse.com/security/cve/CVE-2019-11730/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11733 page", "url": "https://www.suse.com/security/cve/CVE-2019-11733/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11734 page", "url": "https://www.suse.com/security/cve/CVE-2019-11734/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11735 page", "url": "https://www.suse.com/security/cve/CVE-2019-11735/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11736 page", "url": "https://www.suse.com/security/cve/CVE-2019-11736/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11737 page", "url": "https://www.suse.com/security/cve/CVE-2019-11737/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11738 page", "url": "https://www.suse.com/security/cve/CVE-2019-11738/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11740 page", "url": "https://www.suse.com/security/cve/CVE-2019-11740/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11741 page", "url": "https://www.suse.com/security/cve/CVE-2019-11741/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11742 page", "url": "https://www.suse.com/security/cve/CVE-2019-11742/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11743 page", "url": "https://www.suse.com/security/cve/CVE-2019-11743/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11744 page", "url": "https://www.suse.com/security/cve/CVE-2019-11744/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11746 page", "url": "https://www.suse.com/security/cve/CVE-2019-11746/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11747 page", "url": "https://www.suse.com/security/cve/CVE-2019-11747/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11748 page", "url": "https://www.suse.com/security/cve/CVE-2019-11748/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11749 page", "url": "https://www.suse.com/security/cve/CVE-2019-11749/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11750 page", "url": "https://www.suse.com/security/cve/CVE-2019-11750/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11751 page", "url": "https://www.suse.com/security/cve/CVE-2019-11751/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11752 page", "url": "https://www.suse.com/security/cve/CVE-2019-11752/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11753 page", "url": "https://www.suse.com/security/cve/CVE-2019-11753/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11754 page", "url": "https://www.suse.com/security/cve/CVE-2019-11754/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11756 page", "url": "https://www.suse.com/security/cve/CVE-2019-11756/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11757 page", "url": "https://www.suse.com/security/cve/CVE-2019-11757/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11759 page", "url": "https://www.suse.com/security/cve/CVE-2019-11759/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11760 page", "url": "https://www.suse.com/security/cve/CVE-2019-11760/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11761 page", "url": "https://www.suse.com/security/cve/CVE-2019-11761/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11762 page", "url": "https://www.suse.com/security/cve/CVE-2019-11762/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11763 page", "url": "https://www.suse.com/security/cve/CVE-2019-11763/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11764 page", "url": "https://www.suse.com/security/cve/CVE-2019-11764/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-11765 page", "url": "https://www.suse.com/security/cve/CVE-2019-11765/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-13722 page", "url": "https://www.suse.com/security/cve/CVE-2019-13722/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-15903 page", "url": "https://www.suse.com/security/cve/CVE-2019-15903/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-17000 page", "url": "https://www.suse.com/security/cve/CVE-2019-17000/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-17001 page", "url": "https://www.suse.com/security/cve/CVE-2019-17001/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-17002 page", "url": "https://www.suse.com/security/cve/CVE-2019-17002/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-17005 page", "url": "https://www.suse.com/security/cve/CVE-2019-17005/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-17008 page", "url": "https://www.suse.com/security/cve/CVE-2019-17008/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-17010 page", "url": "https://www.suse.com/security/cve/CVE-2019-17010/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-17011 page", "url": "https://www.suse.com/security/cve/CVE-2019-17011/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-17012 page", "url": "https://www.suse.com/security/cve/CVE-2019-17012/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-17013 page", "url": "https://www.suse.com/security/cve/CVE-2019-17013/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-17014 page", "url": "https://www.suse.com/security/cve/CVE-2019-17014/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-17016 page", "url": "https://www.suse.com/security/cve/CVE-2019-17016/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-17017 page", "url": "https://www.suse.com/security/cve/CVE-2019-17017/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-17020 page", "url": "https://www.suse.com/security/cve/CVE-2019-17020/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-17022 page", "url": "https://www.suse.com/security/cve/CVE-2019-17022/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-17023 page", "url": "https://www.suse.com/security/cve/CVE-2019-17023/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-17024 page", "url": "https://www.suse.com/security/cve/CVE-2019-17024/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-17025 page", "url": "https://www.suse.com/security/cve/CVE-2019-17025/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-17026 page", "url": "https://www.suse.com/security/cve/CVE-2019-17026/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-20503 page", "url": "https://www.suse.com/security/cve/CVE-2019-20503/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-5785 page", "url": "https://www.suse.com/security/cve/CVE-2019-5785/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-5849 page", "url": "https://www.suse.com/security/cve/CVE-2019-5849/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-7317 page", "url": "https://www.suse.com/security/cve/CVE-2019-7317/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9788 page", "url": "https://www.suse.com/security/cve/CVE-2019-9788/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9789 page", "url": "https://www.suse.com/security/cve/CVE-2019-9789/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9790 page", "url": "https://www.suse.com/security/cve/CVE-2019-9790/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9791 page", "url": "https://www.suse.com/security/cve/CVE-2019-9791/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9792 page", "url": "https://www.suse.com/security/cve/CVE-2019-9792/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9793 page", "url": "https://www.suse.com/security/cve/CVE-2019-9793/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9794 page", "url": "https://www.suse.com/security/cve/CVE-2019-9794/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9795 page", "url": "https://www.suse.com/security/cve/CVE-2019-9795/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9796 page", "url": "https://www.suse.com/security/cve/CVE-2019-9796/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9797 page", "url": "https://www.suse.com/security/cve/CVE-2019-9797/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9798 page", "url": "https://www.suse.com/security/cve/CVE-2019-9798/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9799 page", "url": "https://www.suse.com/security/cve/CVE-2019-9799/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9800 page", "url": "https://www.suse.com/security/cve/CVE-2019-9800/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9801 page", "url": "https://www.suse.com/security/cve/CVE-2019-9801/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9802 page", "url": "https://www.suse.com/security/cve/CVE-2019-9802/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9803 page", "url": "https://www.suse.com/security/cve/CVE-2019-9803/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9804 page", "url": "https://www.suse.com/security/cve/CVE-2019-9804/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9805 page", "url": "https://www.suse.com/security/cve/CVE-2019-9805/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9806 page", "url": "https://www.suse.com/security/cve/CVE-2019-9806/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9807 page", "url": "https://www.suse.com/security/cve/CVE-2019-9807/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9808 page", "url": "https://www.suse.com/security/cve/CVE-2019-9808/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9809 page", "url": "https://www.suse.com/security/cve/CVE-2019-9809/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9810 page", "url": "https://www.suse.com/security/cve/CVE-2019-9810/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9811 page", "url": "https://www.suse.com/security/cve/CVE-2019-9811/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9812 page", "url": "https://www.suse.com/security/cve/CVE-2019-9812/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9813 page", "url": "https://www.suse.com/security/cve/CVE-2019-9813/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9814 page", "url": "https://www.suse.com/security/cve/CVE-2019-9814/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9815 page", "url": "https://www.suse.com/security/cve/CVE-2019-9815/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9816 page", "url": "https://www.suse.com/security/cve/CVE-2019-9816/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9817 page", "url": "https://www.suse.com/security/cve/CVE-2019-9817/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9818 page", "url": "https://www.suse.com/security/cve/CVE-2019-9818/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9819 page", "url": "https://www.suse.com/security/cve/CVE-2019-9819/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9820 page", "url": "https://www.suse.com/security/cve/CVE-2019-9820/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-9821 page", "url": "https://www.suse.com/security/cve/CVE-2019-9821/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12387 page", "url": "https://www.suse.com/security/cve/CVE-2020-12387/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12388 page", "url": "https://www.suse.com/security/cve/CVE-2020-12388/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12389 page", "url": "https://www.suse.com/security/cve/CVE-2020-12389/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12390 page", "url": "https://www.suse.com/security/cve/CVE-2020-12390/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12391 page", "url": "https://www.suse.com/security/cve/CVE-2020-12391/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12392 page", "url": "https://www.suse.com/security/cve/CVE-2020-12392/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12393 page", "url": "https://www.suse.com/security/cve/CVE-2020-12393/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12394 page", "url": "https://www.suse.com/security/cve/CVE-2020-12394/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12395 page", "url": "https://www.suse.com/security/cve/CVE-2020-12395/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12396 page", "url": "https://www.suse.com/security/cve/CVE-2020-12396/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12399 page", "url": "https://www.suse.com/security/cve/CVE-2020-12399/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12400 page", "url": "https://www.suse.com/security/cve/CVE-2020-12400/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12401 page", "url": "https://www.suse.com/security/cve/CVE-2020-12401/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12402 page", "url": "https://www.suse.com/security/cve/CVE-2020-12402/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12405 page", "url": "https://www.suse.com/security/cve/CVE-2020-12405/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12406 page", "url": "https://www.suse.com/security/cve/CVE-2020-12406/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12407 page", "url": "https://www.suse.com/security/cve/CVE-2020-12407/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12408 page", "url": "https://www.suse.com/security/cve/CVE-2020-12408/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12409 page", "url": "https://www.suse.com/security/cve/CVE-2020-12409/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12411 page", "url": "https://www.suse.com/security/cve/CVE-2020-12411/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12415 page", "url": "https://www.suse.com/security/cve/CVE-2020-12415/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12416 page", "url": "https://www.suse.com/security/cve/CVE-2020-12416/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12417 page", "url": "https://www.suse.com/security/cve/CVE-2020-12417/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12418 page", "url": "https://www.suse.com/security/cve/CVE-2020-12418/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12419 page", "url": "https://www.suse.com/security/cve/CVE-2020-12419/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12420 page", "url": "https://www.suse.com/security/cve/CVE-2020-12420/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12421 page", "url": "https://www.suse.com/security/cve/CVE-2020-12421/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12422 page", "url": "https://www.suse.com/security/cve/CVE-2020-12422/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12423 page", "url": "https://www.suse.com/security/cve/CVE-2020-12423/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12424 page", "url": "https://www.suse.com/security/cve/CVE-2020-12424/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12425 page", "url": "https://www.suse.com/security/cve/CVE-2020-12425/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12426 page", "url": "https://www.suse.com/security/cve/CVE-2020-12426/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15254 page", "url": "https://www.suse.com/security/cve/CVE-2020-15254/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15652 page", "url": "https://www.suse.com/security/cve/CVE-2020-15652/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15653 page", "url": "https://www.suse.com/security/cve/CVE-2020-15653/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15654 page", "url": "https://www.suse.com/security/cve/CVE-2020-15654/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15655 page", "url": "https://www.suse.com/security/cve/CVE-2020-15655/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15656 page", "url": "https://www.suse.com/security/cve/CVE-2020-15656/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15657 page", "url": "https://www.suse.com/security/cve/CVE-2020-15657/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15658 page", "url": "https://www.suse.com/security/cve/CVE-2020-15658/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15659 page", "url": "https://www.suse.com/security/cve/CVE-2020-15659/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15663 page", "url": "https://www.suse.com/security/cve/CVE-2020-15663/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15664 page", "url": "https://www.suse.com/security/cve/CVE-2020-15664/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15665 page", "url": "https://www.suse.com/security/cve/CVE-2020-15665/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15666 page", "url": "https://www.suse.com/security/cve/CVE-2020-15666/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15667 page", "url": "https://www.suse.com/security/cve/CVE-2020-15667/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15668 page", "url": "https://www.suse.com/security/cve/CVE-2020-15668/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15670 page", "url": "https://www.suse.com/security/cve/CVE-2020-15670/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15673 page", "url": "https://www.suse.com/security/cve/CVE-2020-15673/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15674 page", "url": "https://www.suse.com/security/cve/CVE-2020-15674/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15675 page", "url": "https://www.suse.com/security/cve/CVE-2020-15675/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15676 page", "url": "https://www.suse.com/security/cve/CVE-2020-15676/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15677 page", "url": "https://www.suse.com/security/cve/CVE-2020-15677/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15678 page", "url": "https://www.suse.com/security/cve/CVE-2020-15678/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15680 page", "url": "https://www.suse.com/security/cve/CVE-2020-15680/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15681 page", "url": "https://www.suse.com/security/cve/CVE-2020-15681/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15682 page", "url": "https://www.suse.com/security/cve/CVE-2020-15682/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15683 page", "url": "https://www.suse.com/security/cve/CVE-2020-15683/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15684 page", "url": "https://www.suse.com/security/cve/CVE-2020-15684/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15969 page", "url": "https://www.suse.com/security/cve/CVE-2020-15969/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-15999 page", "url": "https://www.suse.com/security/cve/CVE-2020-15999/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-16012 page", "url": "https://www.suse.com/security/cve/CVE-2020-16012/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-16042 page", "url": "https://www.suse.com/security/cve/CVE-2020-16042/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-16044 page", "url": "https://www.suse.com/security/cve/CVE-2020-16044/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26950 page", "url": "https://www.suse.com/security/cve/CVE-2020-26950/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26951 page", "url": "https://www.suse.com/security/cve/CVE-2020-26951/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26952 page", "url": "https://www.suse.com/security/cve/CVE-2020-26952/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26953 page", "url": "https://www.suse.com/security/cve/CVE-2020-26953/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26954 page", "url": "https://www.suse.com/security/cve/CVE-2020-26954/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26955 page", "url": "https://www.suse.com/security/cve/CVE-2020-26955/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26956 page", "url": "https://www.suse.com/security/cve/CVE-2020-26956/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26957 page", "url": "https://www.suse.com/security/cve/CVE-2020-26957/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26958 page", "url": "https://www.suse.com/security/cve/CVE-2020-26958/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26959 page", "url": "https://www.suse.com/security/cve/CVE-2020-26959/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26960 page", "url": "https://www.suse.com/security/cve/CVE-2020-26960/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26961 page", "url": "https://www.suse.com/security/cve/CVE-2020-26961/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26962 page", "url": "https://www.suse.com/security/cve/CVE-2020-26962/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26963 page", "url": "https://www.suse.com/security/cve/CVE-2020-26963/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26964 page", "url": "https://www.suse.com/security/cve/CVE-2020-26964/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26965 page", "url": "https://www.suse.com/security/cve/CVE-2020-26965/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26966 page", "url": "https://www.suse.com/security/cve/CVE-2020-26966/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26967 page", "url": "https://www.suse.com/security/cve/CVE-2020-26967/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26968 page", "url": "https://www.suse.com/security/cve/CVE-2020-26968/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26969 page", "url": "https://www.suse.com/security/cve/CVE-2020-26969/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26971 page", "url": "https://www.suse.com/security/cve/CVE-2020-26971/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26972 page", "url": "https://www.suse.com/security/cve/CVE-2020-26972/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26973 page", "url": "https://www.suse.com/security/cve/CVE-2020-26973/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26974 page", "url": "https://www.suse.com/security/cve/CVE-2020-26974/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26975 page", "url": "https://www.suse.com/security/cve/CVE-2020-26975/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26976 page", "url": "https://www.suse.com/security/cve/CVE-2020-26976/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26977 page", "url": "https://www.suse.com/security/cve/CVE-2020-26977/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26978 page", "url": "https://www.suse.com/security/cve/CVE-2020-26978/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-26979 page", "url": "https://www.suse.com/security/cve/CVE-2020-26979/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-35111 page", "url": "https://www.suse.com/security/cve/CVE-2020-35111/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-35112 page", "url": "https://www.suse.com/security/cve/CVE-2020-35112/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-35113 page", "url": "https://www.suse.com/security/cve/CVE-2020-35113/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-35114 page", "url": "https://www.suse.com/security/cve/CVE-2020-35114/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6463 page", "url": "https://www.suse.com/security/cve/CVE-2020-6463/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6514 page", "url": "https://www.suse.com/security/cve/CVE-2020-6514/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6796 page", "url": "https://www.suse.com/security/cve/CVE-2020-6796/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6797 page", "url": "https://www.suse.com/security/cve/CVE-2020-6797/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6798 page", "url": "https://www.suse.com/security/cve/CVE-2020-6798/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6799 page", "url": "https://www.suse.com/security/cve/CVE-2020-6799/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6800 page", "url": "https://www.suse.com/security/cve/CVE-2020-6800/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6801 page", "url": "https://www.suse.com/security/cve/CVE-2020-6801/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6805 page", "url": "https://www.suse.com/security/cve/CVE-2020-6805/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6806 page", "url": "https://www.suse.com/security/cve/CVE-2020-6806/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6807 page", "url": "https://www.suse.com/security/cve/CVE-2020-6807/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6808 page", "url": "https://www.suse.com/security/cve/CVE-2020-6808/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6809 page", "url": "https://www.suse.com/security/cve/CVE-2020-6809/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6810 page", "url": "https://www.suse.com/security/cve/CVE-2020-6810/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6811 page", "url": "https://www.suse.com/security/cve/CVE-2020-6811/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6812 page", "url": "https://www.suse.com/security/cve/CVE-2020-6812/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6813 page", "url": "https://www.suse.com/security/cve/CVE-2020-6813/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6814 page", "url": "https://www.suse.com/security/cve/CVE-2020-6814/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6815 page", "url": "https://www.suse.com/security/cve/CVE-2020-6815/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6819 page", "url": "https://www.suse.com/security/cve/CVE-2020-6819/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6820 page", "url": "https://www.suse.com/security/cve/CVE-2020-6820/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6821 page", "url": "https://www.suse.com/security/cve/CVE-2020-6821/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6822 page", "url": "https://www.suse.com/security/cve/CVE-2020-6822/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6823 page", "url": "https://www.suse.com/security/cve/CVE-2020-6823/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6824 page", "url": "https://www.suse.com/security/cve/CVE-2020-6824/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6825 page", "url": "https://www.suse.com/security/cve/CVE-2020-6825/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6826 page", "url": "https://www.suse.com/security/cve/CVE-2020-6826/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6829 page", "url": "https://www.suse.com/security/cve/CVE-2020-6829/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-6831 page", "url": "https://www.suse.com/security/cve/CVE-2020-6831/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23953 page", "url": "https://www.suse.com/security/cve/CVE-2021-23953/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23954 page", "url": "https://www.suse.com/security/cve/CVE-2021-23954/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23955 page", "url": "https://www.suse.com/security/cve/CVE-2021-23955/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23956 page", "url": "https://www.suse.com/security/cve/CVE-2021-23956/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23957 page", "url": "https://www.suse.com/security/cve/CVE-2021-23957/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23958 page", "url": "https://www.suse.com/security/cve/CVE-2021-23958/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23959 page", "url": "https://www.suse.com/security/cve/CVE-2021-23959/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23960 page", "url": "https://www.suse.com/security/cve/CVE-2021-23960/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23961 page", "url": "https://www.suse.com/security/cve/CVE-2021-23961/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23962 page", "url": "https://www.suse.com/security/cve/CVE-2021-23962/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23963 page", "url": "https://www.suse.com/security/cve/CVE-2021-23963/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23964 page", "url": "https://www.suse.com/security/cve/CVE-2021-23964/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23965 page", "url": "https://www.suse.com/security/cve/CVE-2021-23965/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23968 page", "url": "https://www.suse.com/security/cve/CVE-2021-23968/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23969 page", "url": "https://www.suse.com/security/cve/CVE-2021-23969/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23970 page", "url": "https://www.suse.com/security/cve/CVE-2021-23970/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23971 page", "url": "https://www.suse.com/security/cve/CVE-2021-23971/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23972 page", "url": "https://www.suse.com/security/cve/CVE-2021-23972/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23973 page", "url": "https://www.suse.com/security/cve/CVE-2021-23973/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23974 page", "url": "https://www.suse.com/security/cve/CVE-2021-23974/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23975 page", "url": "https://www.suse.com/security/cve/CVE-2021-23975/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23976 page", "url": "https://www.suse.com/security/cve/CVE-2021-23976/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23977 page", "url": "https://www.suse.com/security/cve/CVE-2021-23977/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23978 page", "url": "https://www.suse.com/security/cve/CVE-2021-23978/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23979 page", "url": "https://www.suse.com/security/cve/CVE-2021-23979/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23981 page", "url": "https://www.suse.com/security/cve/CVE-2021-23981/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23982 page", "url": "https://www.suse.com/security/cve/CVE-2021-23982/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23983 page", "url": "https://www.suse.com/security/cve/CVE-2021-23983/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23984 page", "url": "https://www.suse.com/security/cve/CVE-2021-23984/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23985 page", "url": "https://www.suse.com/security/cve/CVE-2021-23985/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23986 page", "url": "https://www.suse.com/security/cve/CVE-2021-23986/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23987 page", "url": "https://www.suse.com/security/cve/CVE-2021-23987/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23988 page", "url": "https://www.suse.com/security/cve/CVE-2021-23988/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23994 page", "url": "https://www.suse.com/security/cve/CVE-2021-23994/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23995 page", "url": "https://www.suse.com/security/cve/CVE-2021-23995/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23996 page", "url": "https://www.suse.com/security/cve/CVE-2021-23996/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23997 page", "url": "https://www.suse.com/security/cve/CVE-2021-23997/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23998 page", "url": "https://www.suse.com/security/cve/CVE-2021-23998/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-23999 page", "url": "https://www.suse.com/security/cve/CVE-2021-23999/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-24000 page", "url": "https://www.suse.com/security/cve/CVE-2021-24000/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-24001 page", "url": "https://www.suse.com/security/cve/CVE-2021-24001/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-24002 page", "url": "https://www.suse.com/security/cve/CVE-2021-24002/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29944 page", "url": "https://www.suse.com/security/cve/CVE-2021-29944/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29945 page", "url": "https://www.suse.com/security/cve/CVE-2021-29945/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29946 page", "url": "https://www.suse.com/security/cve/CVE-2021-29946/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29947 page", "url": "https://www.suse.com/security/cve/CVE-2021-29947/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29952 page", "url": "https://www.suse.com/security/cve/CVE-2021-29952/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29959 page", "url": "https://www.suse.com/security/cve/CVE-2021-29959/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29960 page", "url": "https://www.suse.com/security/cve/CVE-2021-29960/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29961 page", "url": "https://www.suse.com/security/cve/CVE-2021-29961/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29962 page", "url": "https://www.suse.com/security/cve/CVE-2021-29962/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29963 page", "url": "https://www.suse.com/security/cve/CVE-2021-29963/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29964 page", "url": "https://www.suse.com/security/cve/CVE-2021-29964/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29965 page", "url": "https://www.suse.com/security/cve/CVE-2021-29965/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29966 page", "url": "https://www.suse.com/security/cve/CVE-2021-29966/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29967 page", "url": "https://www.suse.com/security/cve/CVE-2021-29967/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29970 page", "url": "https://www.suse.com/security/cve/CVE-2021-29970/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29971 page", "url": "https://www.suse.com/security/cve/CVE-2021-29971/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29972 page", "url": "https://www.suse.com/security/cve/CVE-2021-29972/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29973 page", "url": "https://www.suse.com/security/cve/CVE-2021-29973/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29974 page", "url": "https://www.suse.com/security/cve/CVE-2021-29974/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29975 page", "url": "https://www.suse.com/security/cve/CVE-2021-29975/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29976 page", "url": "https://www.suse.com/security/cve/CVE-2021-29976/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29977 page", "url": "https://www.suse.com/security/cve/CVE-2021-29977/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29980 page", "url": "https://www.suse.com/security/cve/CVE-2021-29980/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29981 page", "url": "https://www.suse.com/security/cve/CVE-2021-29981/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29982 page", "url": "https://www.suse.com/security/cve/CVE-2021-29982/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29983 page", "url": "https://www.suse.com/security/cve/CVE-2021-29983/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29984 page", "url": "https://www.suse.com/security/cve/CVE-2021-29984/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29985 page", "url": "https://www.suse.com/security/cve/CVE-2021-29985/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29986 page", "url": "https://www.suse.com/security/cve/CVE-2021-29986/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29987 page", "url": "https://www.suse.com/security/cve/CVE-2021-29987/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29988 page", "url": "https://www.suse.com/security/cve/CVE-2021-29988/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29989 page", "url": "https://www.suse.com/security/cve/CVE-2021-29989/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29990 page", "url": "https://www.suse.com/security/cve/CVE-2021-29990/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29991 page", "url": "https://www.suse.com/security/cve/CVE-2021-29991/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-29993 page", "url": "https://www.suse.com/security/cve/CVE-2021-29993/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-30547 page", "url": "https://www.suse.com/security/cve/CVE-2021-30547/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-32810 page", "url": "https://www.suse.com/security/cve/CVE-2021-32810/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-38491 page", "url": "https://www.suse.com/security/cve/CVE-2021-38491/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-38492 page", "url": "https://www.suse.com/security/cve/CVE-2021-38492/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-38493 page", "url": "https://www.suse.com/security/cve/CVE-2021-38493/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-38494 page", "url": "https://www.suse.com/security/cve/CVE-2021-38494/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-38496 page", "url": "https://www.suse.com/security/cve/CVE-2021-38496/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-38497 page", "url": "https://www.suse.com/security/cve/CVE-2021-38497/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-38498 page", "url": "https://www.suse.com/security/cve/CVE-2021-38498/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-38499 page", "url": "https://www.suse.com/security/cve/CVE-2021-38499/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-38500 page", "url": "https://www.suse.com/security/cve/CVE-2021-38500/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-38501 page", "url": "https://www.suse.com/security/cve/CVE-2021-38501/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-38503 page", "url": "https://www.suse.com/security/cve/CVE-2021-38503/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-38504 page", "url": "https://www.suse.com/security/cve/CVE-2021-38504/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-38505 page", "url": "https://www.suse.com/security/cve/CVE-2021-38505/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-38506 page", "url": "https://www.suse.com/security/cve/CVE-2021-38506/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-38507 page", "url": "https://www.suse.com/security/cve/CVE-2021-38507/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-38508 page", "url": "https://www.suse.com/security/cve/CVE-2021-38508/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-38509 page", "url": "https://www.suse.com/security/cve/CVE-2021-38509/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-38510 page", "url": "https://www.suse.com/security/cve/CVE-2021-38510/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-4140 page", "url": "https://www.suse.com/security/cve/CVE-2021-4140/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-43536 page", "url": "https://www.suse.com/security/cve/CVE-2021-43536/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-43537 page", "url": "https://www.suse.com/security/cve/CVE-2021-43537/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-43538 page", "url": "https://www.suse.com/security/cve/CVE-2021-43538/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-43539 page", "url": "https://www.suse.com/security/cve/CVE-2021-43539/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-43540 page", "url": "https://www.suse.com/security/cve/CVE-2021-43540/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-43541 page", "url": "https://www.suse.com/security/cve/CVE-2021-43541/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-43542 page", "url": "https://www.suse.com/security/cve/CVE-2021-43542/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-43543 page", "url": "https://www.suse.com/security/cve/CVE-2021-43543/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-43544 page", "url": "https://www.suse.com/security/cve/CVE-2021-43544/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-43545 page", "url": "https://www.suse.com/security/cve/CVE-2021-43545/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-43546 page", "url": "https://www.suse.com/security/cve/CVE-2021-43546/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-0511 page", "url": "https://www.suse.com/security/cve/CVE-2022-0511/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-0843 page", "url": "https://www.suse.com/security/cve/CVE-2022-0843/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-1097 page", "url": "https://www.suse.com/security/cve/CVE-2022-1097/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-1529 page", "url": "https://www.suse.com/security/cve/CVE-2022-1529/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-1802 page", "url": "https://www.suse.com/security/cve/CVE-2022-1802/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-1919 page", "url": "https://www.suse.com/security/cve/CVE-2022-1919/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-2200 page", "url": "https://www.suse.com/security/cve/CVE-2022-2200/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22736 page", "url": "https://www.suse.com/security/cve/CVE-2022-22736/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22737 page", "url": "https://www.suse.com/security/cve/CVE-2022-22737/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22738 page", "url": "https://www.suse.com/security/cve/CVE-2022-22738/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22739 page", "url": "https://www.suse.com/security/cve/CVE-2022-22739/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22740 page", "url": "https://www.suse.com/security/cve/CVE-2022-22740/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22741 page", "url": "https://www.suse.com/security/cve/CVE-2022-22741/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22742 page", "url": "https://www.suse.com/security/cve/CVE-2022-22742/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22743 page", "url": "https://www.suse.com/security/cve/CVE-2022-22743/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22744 page", "url": "https://www.suse.com/security/cve/CVE-2022-22744/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22745 page", "url": "https://www.suse.com/security/cve/CVE-2022-22745/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22746 page", "url": "https://www.suse.com/security/cve/CVE-2022-22746/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22747 page", "url": "https://www.suse.com/security/cve/CVE-2022-22747/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22748 page", "url": "https://www.suse.com/security/cve/CVE-2022-22748/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22749 page", "url": "https://www.suse.com/security/cve/CVE-2022-22749/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22750 page", "url": "https://www.suse.com/security/cve/CVE-2022-22750/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22751 page", "url": "https://www.suse.com/security/cve/CVE-2022-22751/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22752 page", "url": "https://www.suse.com/security/cve/CVE-2022-22752/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22753 page", "url": "https://www.suse.com/security/cve/CVE-2022-22753/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22754 page", "url": "https://www.suse.com/security/cve/CVE-2022-22754/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22755 page", "url": "https://www.suse.com/security/cve/CVE-2022-22755/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22756 page", "url": "https://www.suse.com/security/cve/CVE-2022-22756/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22757 page", "url": "https://www.suse.com/security/cve/CVE-2022-22757/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22758 page", "url": "https://www.suse.com/security/cve/CVE-2022-22758/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22759 page", "url": "https://www.suse.com/security/cve/CVE-2022-22759/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22760 page", "url": "https://www.suse.com/security/cve/CVE-2022-22760/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22761 page", "url": "https://www.suse.com/security/cve/CVE-2022-22761/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22762 page", "url": "https://www.suse.com/security/cve/CVE-2022-22762/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-22764 page", "url": "https://www.suse.com/security/cve/CVE-2022-22764/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-24713 page", "url": "https://www.suse.com/security/cve/CVE-2022-24713/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-2505 page", "url": "https://www.suse.com/security/cve/CVE-2022-2505/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-26381 page", "url": "https://www.suse.com/security/cve/CVE-2022-26381/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-26382 page", "url": "https://www.suse.com/security/cve/CVE-2022-26382/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-26383 page", "url": "https://www.suse.com/security/cve/CVE-2022-26383/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-26384 page", "url": "https://www.suse.com/security/cve/CVE-2022-26384/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-26385 page", "url": "https://www.suse.com/security/cve/CVE-2022-26385/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-26387 page", "url": "https://www.suse.com/security/cve/CVE-2022-26387/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-28281 page", "url": "https://www.suse.com/security/cve/CVE-2022-28281/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-28282 page", "url": "https://www.suse.com/security/cve/CVE-2022-28282/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-28283 page", "url": "https://www.suse.com/security/cve/CVE-2022-28283/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-28284 page", "url": "https://www.suse.com/security/cve/CVE-2022-28284/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-28285 page", "url": "https://www.suse.com/security/cve/CVE-2022-28285/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-28286 page", "url": "https://www.suse.com/security/cve/CVE-2022-28286/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-28287 page", "url": "https://www.suse.com/security/cve/CVE-2022-28287/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-28288 page", "url": "https://www.suse.com/security/cve/CVE-2022-28288/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-28289 page", "url": "https://www.suse.com/security/cve/CVE-2022-28289/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-29909 page", "url": "https://www.suse.com/security/cve/CVE-2022-29909/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-29910 page", "url": "https://www.suse.com/security/cve/CVE-2022-29910/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-29911 page", "url": "https://www.suse.com/security/cve/CVE-2022-29911/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-29912 page", "url": "https://www.suse.com/security/cve/CVE-2022-29912/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-29914 page", "url": "https://www.suse.com/security/cve/CVE-2022-29914/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-29915 page", "url": "https://www.suse.com/security/cve/CVE-2022-29915/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-29916 page", "url": "https://www.suse.com/security/cve/CVE-2022-29916/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-29917 page", "url": "https://www.suse.com/security/cve/CVE-2022-29917/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-29918 page", "url": "https://www.suse.com/security/cve/CVE-2022-29918/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-31736 page", "url": "https://www.suse.com/security/cve/CVE-2022-31736/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-31737 page", "url": "https://www.suse.com/security/cve/CVE-2022-31737/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-31738 page", "url": "https://www.suse.com/security/cve/CVE-2022-31738/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-31739 page", "url": "https://www.suse.com/security/cve/CVE-2022-31739/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-31740 page", "url": "https://www.suse.com/security/cve/CVE-2022-31740/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-31741 page", "url": "https://www.suse.com/security/cve/CVE-2022-31741/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-31742 page", "url": "https://www.suse.com/security/cve/CVE-2022-31742/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-31743 page", "url": "https://www.suse.com/security/cve/CVE-2022-31743/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-31744 page", "url": "https://www.suse.com/security/cve/CVE-2022-31744/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-31745 page", "url": "https://www.suse.com/security/cve/CVE-2022-31745/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-31747 page", "url": "https://www.suse.com/security/cve/CVE-2022-31747/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-31748 page", "url": "https://www.suse.com/security/cve/CVE-2022-31748/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-34468 page", "url": "https://www.suse.com/security/cve/CVE-2022-34468/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-34469 page", "url": "https://www.suse.com/security/cve/CVE-2022-34469/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-34470 page", "url": "https://www.suse.com/security/cve/CVE-2022-34470/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-34471 page", "url": "https://www.suse.com/security/cve/CVE-2022-34471/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-34472 page", "url": "https://www.suse.com/security/cve/CVE-2022-34472/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-34473 page", "url": "https://www.suse.com/security/cve/CVE-2022-34473/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-34474 page", "url": "https://www.suse.com/security/cve/CVE-2022-34474/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-34475 page", "url": "https://www.suse.com/security/cve/CVE-2022-34475/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-34476 page", "url": "https://www.suse.com/security/cve/CVE-2022-34476/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-34477 page", "url": "https://www.suse.com/security/cve/CVE-2022-34477/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-34478 page", "url": "https://www.suse.com/security/cve/CVE-2022-34478/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-34479 page", "url": "https://www.suse.com/security/cve/CVE-2022-34479/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-34480 page", "url": "https://www.suse.com/security/cve/CVE-2022-34480/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-34481 page", "url": "https://www.suse.com/security/cve/CVE-2022-34481/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-34482 page", "url": "https://www.suse.com/security/cve/CVE-2022-34482/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-34483 page", "url": "https://www.suse.com/security/cve/CVE-2022-34483/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-34484 page", "url": "https://www.suse.com/security/cve/CVE-2022-34484/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-34485 page", "url": "https://www.suse.com/security/cve/CVE-2022-34485/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-36314 page", "url": "https://www.suse.com/security/cve/CVE-2022-36314/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-36315 page", "url": "https://www.suse.com/security/cve/CVE-2022-36315/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-36316 page", "url": "https://www.suse.com/security/cve/CVE-2022-36316/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-36317 page", "url": "https://www.suse.com/security/cve/CVE-2022-36317/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-36318 page", "url": "https://www.suse.com/security/cve/CVE-2022-36318/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-36319 page", "url": "https://www.suse.com/security/cve/CVE-2022-36319/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-36320 page", "url": "https://www.suse.com/security/cve/CVE-2022-36320/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-38472 page", "url": "https://www.suse.com/security/cve/CVE-2022-38472/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-38473 page", "url": "https://www.suse.com/security/cve/CVE-2022-38473/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-38474 page", "url": "https://www.suse.com/security/cve/CVE-2022-38474/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-38475 page", "url": "https://www.suse.com/security/cve/CVE-2022-38475/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-38477 page", "url": "https://www.suse.com/security/cve/CVE-2022-38477/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-38478 page", "url": "https://www.suse.com/security/cve/CVE-2022-38478/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-40674 page", "url": "https://www.suse.com/security/cve/CVE-2022-40674/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-40956 page", "url": "https://www.suse.com/security/cve/CVE-2022-40956/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-40957 page", "url": "https://www.suse.com/security/cve/CVE-2022-40957/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-40958 page", "url": "https://www.suse.com/security/cve/CVE-2022-40958/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-40959 page", "url": "https://www.suse.com/security/cve/CVE-2022-40959/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-40960 page", "url": "https://www.suse.com/security/cve/CVE-2022-40960/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-40961 page", "url": "https://www.suse.com/security/cve/CVE-2022-40961/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-40962 page", "url": "https://www.suse.com/security/cve/CVE-2022-40962/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-42927 page", "url": "https://www.suse.com/security/cve/CVE-2022-42927/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-42928 page", "url": "https://www.suse.com/security/cve/CVE-2022-42928/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-42929 page", "url": "https://www.suse.com/security/cve/CVE-2022-42929/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-42930 page", "url": "https://www.suse.com/security/cve/CVE-2022-42930/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-42931 page", "url": "https://www.suse.com/security/cve/CVE-2022-42931/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-42932 page", "url": "https://www.suse.com/security/cve/CVE-2022-42932/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-45403 page", "url": "https://www.suse.com/security/cve/CVE-2022-45403/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-45404 page", "url": "https://www.suse.com/security/cve/CVE-2022-45404/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-45405 page", "url": "https://www.suse.com/security/cve/CVE-2022-45405/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-45406 page", "url": "https://www.suse.com/security/cve/CVE-2022-45406/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-45407 page", "url": "https://www.suse.com/security/cve/CVE-2022-45407/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-45408 page", "url": "https://www.suse.com/security/cve/CVE-2022-45408/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-45409 page", "url": "https://www.suse.com/security/cve/CVE-2022-45409/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-45410 page", "url": "https://www.suse.com/security/cve/CVE-2022-45410/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-45411 page", "url": "https://www.suse.com/security/cve/CVE-2022-45411/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-45412 page", "url": "https://www.suse.com/security/cve/CVE-2022-45412/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-45413 page", "url": "https://www.suse.com/security/cve/CVE-2022-45413/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-45415 page", "url": "https://www.suse.com/security/cve/CVE-2022-45415/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-45416 page", "url": "https://www.suse.com/security/cve/CVE-2022-45416/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-45417 page", "url": "https://www.suse.com/security/cve/CVE-2022-45417/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-45418 page", "url": "https://www.suse.com/security/cve/CVE-2022-45418/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-45419 page", "url": "https://www.suse.com/security/cve/CVE-2022-45419/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-45420 page", "url": "https://www.suse.com/security/cve/CVE-2022-45420/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-45421 page", "url": "https://www.suse.com/security/cve/CVE-2022-45421/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-46871 page", "url": "https://www.suse.com/security/cve/CVE-2022-46871/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-46872 page", "url": "https://www.suse.com/security/cve/CVE-2022-46872/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-46873 page", "url": "https://www.suse.com/security/cve/CVE-2022-46873/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-46874 page", "url": "https://www.suse.com/security/cve/CVE-2022-46874/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-46875 page", "url": "https://www.suse.com/security/cve/CVE-2022-46875/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-46877 page", "url": "https://www.suse.com/security/cve/CVE-2022-46877/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-46878 page", "url": "https://www.suse.com/security/cve/CVE-2022-46878/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-46879 page", "url": "https://www.suse.com/security/cve/CVE-2022-46879/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-0767 page", "url": "https://www.suse.com/security/cve/CVE-2023-0767/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-23597 page", "url": "https://www.suse.com/security/cve/CVE-2023-23597/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-23598 page", "url": "https://www.suse.com/security/cve/CVE-2023-23598/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-23599 page", "url": "https://www.suse.com/security/cve/CVE-2023-23599/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-23600 page", "url": "https://www.suse.com/security/cve/CVE-2023-23600/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-23601 page", "url": "https://www.suse.com/security/cve/CVE-2023-23601/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-23602 page", "url": "https://www.suse.com/security/cve/CVE-2023-23602/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-23603 page", "url": "https://www.suse.com/security/cve/CVE-2023-23603/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-23604 page", "url": "https://www.suse.com/security/cve/CVE-2023-23604/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-23605 page", "url": "https://www.suse.com/security/cve/CVE-2023-23605/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-23606 page", "url": "https://www.suse.com/security/cve/CVE-2023-23606/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25728 page", "url": "https://www.suse.com/security/cve/CVE-2023-25728/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25729 page", "url": "https://www.suse.com/security/cve/CVE-2023-25729/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25730 page", "url": "https://www.suse.com/security/cve/CVE-2023-25730/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25731 page", "url": "https://www.suse.com/security/cve/CVE-2023-25731/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25732 page", "url": "https://www.suse.com/security/cve/CVE-2023-25732/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25733 page", "url": "https://www.suse.com/security/cve/CVE-2023-25733/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25734 page", "url": "https://www.suse.com/security/cve/CVE-2023-25734/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25735 page", "url": "https://www.suse.com/security/cve/CVE-2023-25735/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25736 page", "url": "https://www.suse.com/security/cve/CVE-2023-25736/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25737 page", "url": "https://www.suse.com/security/cve/CVE-2023-25737/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25738 page", "url": "https://www.suse.com/security/cve/CVE-2023-25738/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25739 page", "url": "https://www.suse.com/security/cve/CVE-2023-25739/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25740 page", "url": "https://www.suse.com/security/cve/CVE-2023-25740/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25741 page", "url": "https://www.suse.com/security/cve/CVE-2023-25741/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25742 page", "url": "https://www.suse.com/security/cve/CVE-2023-25742/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25743 page", "url": "https://www.suse.com/security/cve/CVE-2023-25743/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25744 page", "url": "https://www.suse.com/security/cve/CVE-2023-25744/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25745 page", "url": "https://www.suse.com/security/cve/CVE-2023-25745/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25748 page", "url": "https://www.suse.com/security/cve/CVE-2023-25748/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25749 page", "url": "https://www.suse.com/security/cve/CVE-2023-25749/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25750 page", "url": "https://www.suse.com/security/cve/CVE-2023-25750/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25751 page", "url": "https://www.suse.com/security/cve/CVE-2023-25751/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-25752 page", "url": "https://www.suse.com/security/cve/CVE-2023-25752/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-28159 page", "url": "https://www.suse.com/security/cve/CVE-2023-28159/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-28160 page", "url": "https://www.suse.com/security/cve/CVE-2023-28160/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-28161 page", "url": "https://www.suse.com/security/cve/CVE-2023-28161/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-28162 page", "url": "https://www.suse.com/security/cve/CVE-2023-28162/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-28163 page", "url": "https://www.suse.com/security/cve/CVE-2023-28163/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-28164 page", "url": "https://www.suse.com/security/cve/CVE-2023-28164/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-28176 page", "url": "https://www.suse.com/security/cve/CVE-2023-28176/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-28177 page", "url": "https://www.suse.com/security/cve/CVE-2023-28177/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-29531 page", "url": "https://www.suse.com/security/cve/CVE-2023-29531/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-29532 page", "url": "https://www.suse.com/security/cve/CVE-2023-29532/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-29533 page", "url": "https://www.suse.com/security/cve/CVE-2023-29533/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-29534 page", "url": "https://www.suse.com/security/cve/CVE-2023-29534/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-29535 page", "url": "https://www.suse.com/security/cve/CVE-2023-29535/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-29536 page", "url": "https://www.suse.com/security/cve/CVE-2023-29536/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-29537 page", "url": "https://www.suse.com/security/cve/CVE-2023-29537/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-29538 page", "url": "https://www.suse.com/security/cve/CVE-2023-29538/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-29539 page", "url": "https://www.suse.com/security/cve/CVE-2023-29539/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-29540 page", "url": "https://www.suse.com/security/cve/CVE-2023-29540/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-29541 page", "url": "https://www.suse.com/security/cve/CVE-2023-29541/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-29542 page", "url": "https://www.suse.com/security/cve/CVE-2023-29542/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-29543 page", "url": "https://www.suse.com/security/cve/CVE-2023-29543/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-29544 page", "url": "https://www.suse.com/security/cve/CVE-2023-29544/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-29545 page", "url": "https://www.suse.com/security/cve/CVE-2023-29545/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-29546 page", "url": "https://www.suse.com/security/cve/CVE-2023-29546/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-29547 page", "url": "https://www.suse.com/security/cve/CVE-2023-29547/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-29548 page", "url": "https://www.suse.com/security/cve/CVE-2023-29548/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-29549 page", "url": "https://www.suse.com/security/cve/CVE-2023-29549/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-29550 page", "url": "https://www.suse.com/security/cve/CVE-2023-29550/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-29551 page", "url": "https://www.suse.com/security/cve/CVE-2023-29551/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-32205 page", "url": "https://www.suse.com/security/cve/CVE-2023-32205/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-32206 page", "url": "https://www.suse.com/security/cve/CVE-2023-32206/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-32207 page", "url": "https://www.suse.com/security/cve/CVE-2023-32207/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-32208 page", "url": "https://www.suse.com/security/cve/CVE-2023-32208/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-32209 page", "url": "https://www.suse.com/security/cve/CVE-2023-32209/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-32210 page", "url": "https://www.suse.com/security/cve/CVE-2023-32210/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-32211 page", "url": "https://www.suse.com/security/cve/CVE-2023-32211/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-32212 page", "url": "https://www.suse.com/security/cve/CVE-2023-32212/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-32213 page", "url": "https://www.suse.com/security/cve/CVE-2023-32213/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-32214 page", "url": "https://www.suse.com/security/cve/CVE-2023-32214/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-32215 page", "url": "https://www.suse.com/security/cve/CVE-2023-32215/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-32216 page", "url": "https://www.suse.com/security/cve/CVE-2023-32216/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-34414 page", "url": "https://www.suse.com/security/cve/CVE-2023-34414/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-34415 page", "url": "https://www.suse.com/security/cve/CVE-2023-34415/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-34416 page", "url": "https://www.suse.com/security/cve/CVE-2023-34416/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-34417 page", "url": "https://www.suse.com/security/cve/CVE-2023-34417/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-3482 page", "url": "https://www.suse.com/security/cve/CVE-2023-3482/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-3600 page", "url": "https://www.suse.com/security/cve/CVE-2023-3600/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-37201 page", "url": "https://www.suse.com/security/cve/CVE-2023-37201/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-37202 page", "url": "https://www.suse.com/security/cve/CVE-2023-37202/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-37203 page", "url": "https://www.suse.com/security/cve/CVE-2023-37203/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-37204 page", "url": "https://www.suse.com/security/cve/CVE-2023-37204/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-37205 page", "url": "https://www.suse.com/security/cve/CVE-2023-37205/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-37206 page", "url": "https://www.suse.com/security/cve/CVE-2023-37206/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-37207 page", "url": "https://www.suse.com/security/cve/CVE-2023-37207/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-37208 page", "url": "https://www.suse.com/security/cve/CVE-2023-37208/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-37209 page", "url": "https://www.suse.com/security/cve/CVE-2023-37209/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-37210 page", "url": "https://www.suse.com/security/cve/CVE-2023-37210/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-37211 page", "url": "https://www.suse.com/security/cve/CVE-2023-37211/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-37212 page", "url": "https://www.suse.com/security/cve/CVE-2023-37212/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4045 page", "url": "https://www.suse.com/security/cve/CVE-2023-4045/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4046 page", "url": "https://www.suse.com/security/cve/CVE-2023-4046/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4047 page", "url": "https://www.suse.com/security/cve/CVE-2023-4047/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4048 page", "url": "https://www.suse.com/security/cve/CVE-2023-4048/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4049 page", "url": "https://www.suse.com/security/cve/CVE-2023-4049/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4050 page", "url": "https://www.suse.com/security/cve/CVE-2023-4050/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4051 page", "url": "https://www.suse.com/security/cve/CVE-2023-4051/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4052 page", "url": "https://www.suse.com/security/cve/CVE-2023-4052/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4053 page", "url": "https://www.suse.com/security/cve/CVE-2023-4053/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4054 page", "url": "https://www.suse.com/security/cve/CVE-2023-4054/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4055 page", "url": "https://www.suse.com/security/cve/CVE-2023-4055/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4056 page", "url": "https://www.suse.com/security/cve/CVE-2023-4056/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4057 page", "url": "https://www.suse.com/security/cve/CVE-2023-4057/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4058 page", "url": "https://www.suse.com/security/cve/CVE-2023-4058/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4573 page", "url": "https://www.suse.com/security/cve/CVE-2023-4573/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4574 page", "url": "https://www.suse.com/security/cve/CVE-2023-4574/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4575 page", "url": "https://www.suse.com/security/cve/CVE-2023-4575/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4576 page", "url": "https://www.suse.com/security/cve/CVE-2023-4576/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4577 page", "url": "https://www.suse.com/security/cve/CVE-2023-4577/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4578 page", "url": "https://www.suse.com/security/cve/CVE-2023-4578/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4579 page", "url": "https://www.suse.com/security/cve/CVE-2023-4579/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4580 page", "url": "https://www.suse.com/security/cve/CVE-2023-4580/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4581 page", "url": "https://www.suse.com/security/cve/CVE-2023-4581/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4582 page", "url": "https://www.suse.com/security/cve/CVE-2023-4582/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4583 page", "url": "https://www.suse.com/security/cve/CVE-2023-4583/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4584 page", "url": "https://www.suse.com/security/cve/CVE-2023-4584/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4585 page", "url": "https://www.suse.com/security/cve/CVE-2023-4585/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-4863 page", "url": "https://www.suse.com/security/cve/CVE-2023-4863/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-5168 page", "url": "https://www.suse.com/security/cve/CVE-2023-5168/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-5169 page", "url": "https://www.suse.com/security/cve/CVE-2023-5169/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-5170 page", "url": "https://www.suse.com/security/cve/CVE-2023-5170/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-5171 page", "url": "https://www.suse.com/security/cve/CVE-2023-5171/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-5172 page", "url": "https://www.suse.com/security/cve/CVE-2023-5172/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-5173 page", "url": "https://www.suse.com/security/cve/CVE-2023-5173/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-5174 page", "url": "https://www.suse.com/security/cve/CVE-2023-5174/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-5175 page", "url": "https://www.suse.com/security/cve/CVE-2023-5175/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-5176 page", "url": "https://www.suse.com/security/cve/CVE-2023-5176/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-5217 page", "url": "https://www.suse.com/security/cve/CVE-2023-5217/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-5388 page", "url": "https://www.suse.com/security/cve/CVE-2023-5388/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-5721 page", "url": "https://www.suse.com/security/cve/CVE-2023-5721/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-5722 page", "url": "https://www.suse.com/security/cve/CVE-2023-5722/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-5723 page", "url": "https://www.suse.com/security/cve/CVE-2023-5723/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-5724 page", "url": "https://www.suse.com/security/cve/CVE-2023-5724/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-5725 page", "url": "https://www.suse.com/security/cve/CVE-2023-5725/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-5726 page", "url": "https://www.suse.com/security/cve/CVE-2023-5726/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-5727 page", "url": "https://www.suse.com/security/cve/CVE-2023-5727/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-5728 page", "url": "https://www.suse.com/security/cve/CVE-2023-5728/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-5729 page", "url": "https://www.suse.com/security/cve/CVE-2023-5729/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-5730 page", "url": "https://www.suse.com/security/cve/CVE-2023-5730/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-5731 page", "url": "https://www.suse.com/security/cve/CVE-2023-5731/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6135 page", "url": "https://www.suse.com/security/cve/CVE-2023-6135/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6204 page", "url": "https://www.suse.com/security/cve/CVE-2023-6204/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6205 page", "url": "https://www.suse.com/security/cve/CVE-2023-6205/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6206 page", "url": "https://www.suse.com/security/cve/CVE-2023-6206/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6207 page", "url": "https://www.suse.com/security/cve/CVE-2023-6207/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6208 page", "url": "https://www.suse.com/security/cve/CVE-2023-6208/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6209 page", "url": "https://www.suse.com/security/cve/CVE-2023-6209/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6210 page", "url": "https://www.suse.com/security/cve/CVE-2023-6210/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6211 page", "url": "https://www.suse.com/security/cve/CVE-2023-6211/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6212 page", "url": "https://www.suse.com/security/cve/CVE-2023-6212/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6213 page", "url": "https://www.suse.com/security/cve/CVE-2023-6213/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6856 page", "url": "https://www.suse.com/security/cve/CVE-2023-6856/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6857 page", "url": "https://www.suse.com/security/cve/CVE-2023-6857/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6858 page", "url": "https://www.suse.com/security/cve/CVE-2023-6858/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6859 page", "url": "https://www.suse.com/security/cve/CVE-2023-6859/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6860 page", "url": "https://www.suse.com/security/cve/CVE-2023-6860/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6861 page", "url": "https://www.suse.com/security/cve/CVE-2023-6861/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6863 page", "url": "https://www.suse.com/security/cve/CVE-2023-6863/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6864 page", "url": "https://www.suse.com/security/cve/CVE-2023-6864/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6865 page", "url": "https://www.suse.com/security/cve/CVE-2023-6865/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6866 page", "url": "https://www.suse.com/security/cve/CVE-2023-6866/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6867 page", "url": "https://www.suse.com/security/cve/CVE-2023-6867/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6868 page", "url": "https://www.suse.com/security/cve/CVE-2023-6868/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6869 page", "url": "https://www.suse.com/security/cve/CVE-2023-6869/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6870 page", "url": "https://www.suse.com/security/cve/CVE-2023-6870/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6871 page", "url": "https://www.suse.com/security/cve/CVE-2023-6871/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6872 page", "url": "https://www.suse.com/security/cve/CVE-2023-6872/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-6873 page", "url": "https://www.suse.com/security/cve/CVE-2023-6873/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-0741 page", "url": "https://www.suse.com/security/cve/CVE-2024-0741/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-0742 page", "url": "https://www.suse.com/security/cve/CVE-2024-0742/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-0743 page", "url": "https://www.suse.com/security/cve/CVE-2024-0743/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-0744 page", "url": "https://www.suse.com/security/cve/CVE-2024-0744/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-0745 page", "url": "https://www.suse.com/security/cve/CVE-2024-0745/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-0746 page", "url": "https://www.suse.com/security/cve/CVE-2024-0746/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-0747 page", "url": "https://www.suse.com/security/cve/CVE-2024-0747/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-0748 page", "url": "https://www.suse.com/security/cve/CVE-2024-0748/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-0749 page", "url": "https://www.suse.com/security/cve/CVE-2024-0749/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-0750 page", "url": "https://www.suse.com/security/cve/CVE-2024-0750/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-0751 page", "url": "https://www.suse.com/security/cve/CVE-2024-0751/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-0752 page", "url": "https://www.suse.com/security/cve/CVE-2024-0752/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-0753 page", "url": "https://www.suse.com/security/cve/CVE-2024-0753/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-0754 page", "url": "https://www.suse.com/security/cve/CVE-2024-0754/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-0755 page", "url": "https://www.suse.com/security/cve/CVE-2024-0755/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-10458 page", "url": "https://www.suse.com/security/cve/CVE-2024-10458/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-10459 page", "url": "https://www.suse.com/security/cve/CVE-2024-10459/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-10460 page", "url": "https://www.suse.com/security/cve/CVE-2024-10460/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-10461 page", "url": "https://www.suse.com/security/cve/CVE-2024-10461/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-10462 page", "url": "https://www.suse.com/security/cve/CVE-2024-10462/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-10463 page", "url": "https://www.suse.com/security/cve/CVE-2024-10463/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-10464 page", "url": "https://www.suse.com/security/cve/CVE-2024-10464/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-10465 page", "url": "https://www.suse.com/security/cve/CVE-2024-10465/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-10466 page", "url": "https://www.suse.com/security/cve/CVE-2024-10466/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-10467 page", "url": "https://www.suse.com/security/cve/CVE-2024-10467/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-11691 page", "url": "https://www.suse.com/security/cve/CVE-2024-11691/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-11692 page", "url": "https://www.suse.com/security/cve/CVE-2024-11692/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-11693 page", "url": "https://www.suse.com/security/cve/CVE-2024-11693/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-11694 page", "url": "https://www.suse.com/security/cve/CVE-2024-11694/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-11695 page", "url": "https://www.suse.com/security/cve/CVE-2024-11695/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-11696 page", "url": "https://www.suse.com/security/cve/CVE-2024-11696/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-11697 page", "url": "https://www.suse.com/security/cve/CVE-2024-11697/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-11698 page", "url": "https://www.suse.com/security/cve/CVE-2024-11698/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-11699 page", "url": "https://www.suse.com/security/cve/CVE-2024-11699/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-1546 page", "url": "https://www.suse.com/security/cve/CVE-2024-1546/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-1547 page", "url": "https://www.suse.com/security/cve/CVE-2024-1547/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-1548 page", "url": "https://www.suse.com/security/cve/CVE-2024-1548/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-1549 page", "url": "https://www.suse.com/security/cve/CVE-2024-1549/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-1550 page", "url": "https://www.suse.com/security/cve/CVE-2024-1550/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-1551 page", "url": "https://www.suse.com/security/cve/CVE-2024-1551/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-1552 page", "url": "https://www.suse.com/security/cve/CVE-2024-1552/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-1553 page", "url": "https://www.suse.com/security/cve/CVE-2024-1553/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-1554 page", "url": "https://www.suse.com/security/cve/CVE-2024-1554/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-1555 page", "url": "https://www.suse.com/security/cve/CVE-2024-1555/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-1556 page", "url": "https://www.suse.com/security/cve/CVE-2024-1556/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-1557 page", "url": "https://www.suse.com/security/cve/CVE-2024-1557/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-2605 page", "url": "https://www.suse.com/security/cve/CVE-2024-2605/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-2606 page", "url": "https://www.suse.com/security/cve/CVE-2024-2606/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-2607 page", "url": "https://www.suse.com/security/cve/CVE-2024-2607/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-2608 page", "url": "https://www.suse.com/security/cve/CVE-2024-2608/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-2609 page", "url": "https://www.suse.com/security/cve/CVE-2024-2609/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-2610 page", "url": "https://www.suse.com/security/cve/CVE-2024-2610/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-2611 page", "url": "https://www.suse.com/security/cve/CVE-2024-2611/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-2612 page", "url": "https://www.suse.com/security/cve/CVE-2024-2612/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-2613 page", "url": "https://www.suse.com/security/cve/CVE-2024-2613/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-2614 page", "url": "https://www.suse.com/security/cve/CVE-2024-2614/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-2615 page", "url": "https://www.suse.com/security/cve/CVE-2024-2615/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-29943 page", "url": "https://www.suse.com/security/cve/CVE-2024-29943/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-29944 page", "url": "https://www.suse.com/security/cve/CVE-2024-29944/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-3302 page", "url": "https://www.suse.com/security/cve/CVE-2024-3302/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-3852 page", "url": "https://www.suse.com/security/cve/CVE-2024-3852/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-3853 page", "url": "https://www.suse.com/security/cve/CVE-2024-3853/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-3854 page", "url": "https://www.suse.com/security/cve/CVE-2024-3854/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-3855 page", "url": "https://www.suse.com/security/cve/CVE-2024-3855/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-3856 page", "url": "https://www.suse.com/security/cve/CVE-2024-3856/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-3857 page", "url": "https://www.suse.com/security/cve/CVE-2024-3857/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-3858 page", "url": "https://www.suse.com/security/cve/CVE-2024-3858/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-3859 page", "url": "https://www.suse.com/security/cve/CVE-2024-3859/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-3860 page", "url": "https://www.suse.com/security/cve/CVE-2024-3860/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-3861 page", "url": "https://www.suse.com/security/cve/CVE-2024-3861/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-3862 page", "url": "https://www.suse.com/security/cve/CVE-2024-3862/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-3863 page", "url": "https://www.suse.com/security/cve/CVE-2024-3863/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-3864 page", "url": "https://www.suse.com/security/cve/CVE-2024-3864/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-3865 page", "url": "https://www.suse.com/security/cve/CVE-2024-3865/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-4367 page", "url": "https://www.suse.com/security/cve/CVE-2024-4367/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-4764 page", "url": "https://www.suse.com/security/cve/CVE-2024-4764/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-4765 page", "url": "https://www.suse.com/security/cve/CVE-2024-4765/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-4766 page", "url": "https://www.suse.com/security/cve/CVE-2024-4766/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-4767 page", "url": "https://www.suse.com/security/cve/CVE-2024-4767/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-4768 page", "url": "https://www.suse.com/security/cve/CVE-2024-4768/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-4769 page", "url": "https://www.suse.com/security/cve/CVE-2024-4769/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-4770 page", "url": "https://www.suse.com/security/cve/CVE-2024-4770/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-4771 page", "url": "https://www.suse.com/security/cve/CVE-2024-4771/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-4772 page", "url": "https://www.suse.com/security/cve/CVE-2024-4772/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-4773 page", "url": "https://www.suse.com/security/cve/CVE-2024-4773/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-4774 page", "url": "https://www.suse.com/security/cve/CVE-2024-4774/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-4775 page", "url": "https://www.suse.com/security/cve/CVE-2024-4775/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-4776 page", "url": "https://www.suse.com/security/cve/CVE-2024-4776/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-4777 page", "url": "https://www.suse.com/security/cve/CVE-2024-4777/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-4778 page", "url": "https://www.suse.com/security/cve/CVE-2024-4778/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-5687 page", "url": "https://www.suse.com/security/cve/CVE-2024-5687/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-5688 page", "url": "https://www.suse.com/security/cve/CVE-2024-5688/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-5689 page", "url": "https://www.suse.com/security/cve/CVE-2024-5689/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-5690 page", "url": "https://www.suse.com/security/cve/CVE-2024-5690/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-5691 page", "url": "https://www.suse.com/security/cve/CVE-2024-5691/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-5692 page", "url": "https://www.suse.com/security/cve/CVE-2024-5692/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-5693 page", "url": "https://www.suse.com/security/cve/CVE-2024-5693/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-5694 page", "url": "https://www.suse.com/security/cve/CVE-2024-5694/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-5695 page", "url": "https://www.suse.com/security/cve/CVE-2024-5695/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-5696 page", "url": "https://www.suse.com/security/cve/CVE-2024-5696/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-5697 page", "url": "https://www.suse.com/security/cve/CVE-2024-5697/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-5698 page", "url": "https://www.suse.com/security/cve/CVE-2024-5698/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-5699 page", "url": "https://www.suse.com/security/cve/CVE-2024-5699/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-5700 page", "url": "https://www.suse.com/security/cve/CVE-2024-5700/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-5701 page", "url": "https://www.suse.com/security/cve/CVE-2024-5701/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-6600 page", "url": "https://www.suse.com/security/cve/CVE-2024-6600/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-6601 page", "url": "https://www.suse.com/security/cve/CVE-2024-6601/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-6602 page", "url": "https://www.suse.com/security/cve/CVE-2024-6602/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-6603 page", "url": "https://www.suse.com/security/cve/CVE-2024-6603/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-6604 page", "url": "https://www.suse.com/security/cve/CVE-2024-6604/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-6605 page", "url": "https://www.suse.com/security/cve/CVE-2024-6605/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-6606 page", "url": "https://www.suse.com/security/cve/CVE-2024-6606/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-6607 page", "url": "https://www.suse.com/security/cve/CVE-2024-6607/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-6608 page", "url": "https://www.suse.com/security/cve/CVE-2024-6608/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-6609 page", "url": "https://www.suse.com/security/cve/CVE-2024-6609/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-6610 page", "url": "https://www.suse.com/security/cve/CVE-2024-6610/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-6611 page", "url": "https://www.suse.com/security/cve/CVE-2024-6611/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-6612 page", "url": "https://www.suse.com/security/cve/CVE-2024-6612/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-6613 page", "url": "https://www.suse.com/security/cve/CVE-2024-6613/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-6614 page", "url": "https://www.suse.com/security/cve/CVE-2024-6614/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-6615 page", "url": "https://www.suse.com/security/cve/CVE-2024-6615/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-7518 page", "url": "https://www.suse.com/security/cve/CVE-2024-7518/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-7519 page", "url": "https://www.suse.com/security/cve/CVE-2024-7519/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-7520 page", "url": "https://www.suse.com/security/cve/CVE-2024-7520/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-7521 page", "url": "https://www.suse.com/security/cve/CVE-2024-7521/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-7522 page", "url": "https://www.suse.com/security/cve/CVE-2024-7522/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-7524 page", "url": "https://www.suse.com/security/cve/CVE-2024-7524/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-7525 page", "url": "https://www.suse.com/security/cve/CVE-2024-7525/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-7526 page", "url": "https://www.suse.com/security/cve/CVE-2024-7526/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-7527 page", "url": "https://www.suse.com/security/cve/CVE-2024-7527/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-7528 page", "url": "https://www.suse.com/security/cve/CVE-2024-7528/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-7529 page", "url": "https://www.suse.com/security/cve/CVE-2024-7529/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-7531 page", "url": "https://www.suse.com/security/cve/CVE-2024-7531/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-8381 page", "url": "https://www.suse.com/security/cve/CVE-2024-8381/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-8382 page", "url": "https://www.suse.com/security/cve/CVE-2024-8382/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-8383 page", "url": "https://www.suse.com/security/cve/CVE-2024-8383/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-8384 page", "url": "https://www.suse.com/security/cve/CVE-2024-8384/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-8385 page", "url": "https://www.suse.com/security/cve/CVE-2024-8385/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-8386 page", "url": "https://www.suse.com/security/cve/CVE-2024-8386/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-8387 page", "url": "https://www.suse.com/security/cve/CVE-2024-8387/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-8900 page", "url": "https://www.suse.com/security/cve/CVE-2024-8900/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-9392 page", "url": "https://www.suse.com/security/cve/CVE-2024-9392/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-9393 page", "url": "https://www.suse.com/security/cve/CVE-2024-9393/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-9394 page", "url": "https://www.suse.com/security/cve/CVE-2024-9394/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-9396 page", "url": "https://www.suse.com/security/cve/CVE-2024-9396/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-9397 page", "url": "https://www.suse.com/security/cve/CVE-2024-9397/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-9398 page", "url": "https://www.suse.com/security/cve/CVE-2024-9398/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-9399 page", "url": "https://www.suse.com/security/cve/CVE-2024-9399/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-9400 page", "url": "https://www.suse.com/security/cve/CVE-2024-9400/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-9401 page", "url": "https://www.suse.com/security/cve/CVE-2024-9401/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-9402 page", "url": "https://www.suse.com/security/cve/CVE-2024-9402/" }, { "category": "self", "summary": "SUSE CVE CVE-2024-9680 page", "url": "https://www.suse.com/security/cve/CVE-2024-9680/" } ], "title": "firefox-esr-128.5.1-1.1 on GA media", "tracking": { "current_release_date": "2024-12-12T00:00:00Z", "generator": { "date": "2024-12-12T00:00:00Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "openSUSE-SU-2024:14572-1", "initial_release_date": "2024-12-12T00:00:00Z", "revision_history": [ { "date": "2024-12-12T00:00:00Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "firefox-esr-128.5.1-1.1.aarch64", "product": { "name": "firefox-esr-128.5.1-1.1.aarch64", "product_id": "firefox-esr-128.5.1-1.1.aarch64" } }, { "category": "product_version", "name": "firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "product": { "name": "firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "product_id": "firefox-esr-branding-upstream-128.5.1-1.1.aarch64" } }, { "category": "product_version", "name": "firefox-esr-translations-common-128.5.1-1.1.aarch64", "product": { "name": "firefox-esr-translations-common-128.5.1-1.1.aarch64", "product_id": "firefox-esr-translations-common-128.5.1-1.1.aarch64" } }, { "category": "product_version", "name": "firefox-esr-translations-other-128.5.1-1.1.aarch64", "product": { "name": "firefox-esr-translations-other-128.5.1-1.1.aarch64", "product_id": "firefox-esr-translations-other-128.5.1-1.1.aarch64" } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "firefox-esr-128.5.1-1.1.ppc64le", "product": { "name": "firefox-esr-128.5.1-1.1.ppc64le", "product_id": "firefox-esr-128.5.1-1.1.ppc64le" } }, { "category": "product_version", "name": "firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "product": { "name": "firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "product_id": "firefox-esr-branding-upstream-128.5.1-1.1.ppc64le" } }, { "category": "product_version", "name": "firefox-esr-translations-common-128.5.1-1.1.ppc64le", "product": { "name": "firefox-esr-translations-common-128.5.1-1.1.ppc64le", "product_id": "firefox-esr-translations-common-128.5.1-1.1.ppc64le" } }, { "category": "product_version", "name": "firefox-esr-translations-other-128.5.1-1.1.ppc64le", "product": { "name": "firefox-esr-translations-other-128.5.1-1.1.ppc64le", "product_id": "firefox-esr-translations-other-128.5.1-1.1.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "firefox-esr-128.5.1-1.1.s390x", "product": { "name": "firefox-esr-128.5.1-1.1.s390x", "product_id": "firefox-esr-128.5.1-1.1.s390x" } }, { "category": "product_version", "name": "firefox-esr-branding-upstream-128.5.1-1.1.s390x", "product": { "name": "firefox-esr-branding-upstream-128.5.1-1.1.s390x", "product_id": "firefox-esr-branding-upstream-128.5.1-1.1.s390x" } }, { "category": "product_version", "name": "firefox-esr-translations-common-128.5.1-1.1.s390x", "product": { "name": "firefox-esr-translations-common-128.5.1-1.1.s390x", "product_id": "firefox-esr-translations-common-128.5.1-1.1.s390x" } }, { "category": "product_version", "name": "firefox-esr-translations-other-128.5.1-1.1.s390x", "product": { "name": "firefox-esr-translations-other-128.5.1-1.1.s390x", "product_id": "firefox-esr-translations-other-128.5.1-1.1.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "firefox-esr-128.5.1-1.1.x86_64", "product": { "name": "firefox-esr-128.5.1-1.1.x86_64", "product_id": "firefox-esr-128.5.1-1.1.x86_64" } }, { "category": "product_version", "name": "firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "product": { "name": "firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "product_id": "firefox-esr-branding-upstream-128.5.1-1.1.x86_64" } }, { "category": "product_version", "name": "firefox-esr-translations-common-128.5.1-1.1.x86_64", "product": { "name": "firefox-esr-translations-common-128.5.1-1.1.x86_64", "product_id": "firefox-esr-translations-common-128.5.1-1.1.x86_64" } }, { "category": "product_version", "name": "firefox-esr-translations-other-128.5.1-1.1.x86_64", "product": { "name": "firefox-esr-translations-other-128.5.1-1.1.x86_64", "product_id": "firefox-esr-translations-other-128.5.1-1.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "openSUSE Tumbleweed", "product": { "name": "openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed", "product_identification_helper": { "cpe": "cpe:/o:opensuse:tumbleweed" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "firefox-esr-128.5.1-1.1.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64" }, "product_reference": "firefox-esr-128.5.1-1.1.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-esr-128.5.1-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le" }, "product_reference": "firefox-esr-128.5.1-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-esr-128.5.1-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x" }, "product_reference": "firefox-esr-128.5.1-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-esr-128.5.1-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64" }, "product_reference": "firefox-esr-128.5.1-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-esr-branding-upstream-128.5.1-1.1.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64" }, "product_reference": "firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-esr-branding-upstream-128.5.1-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le" }, "product_reference": "firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-esr-branding-upstream-128.5.1-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x" }, "product_reference": "firefox-esr-branding-upstream-128.5.1-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-esr-branding-upstream-128.5.1-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64" }, "product_reference": "firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-esr-translations-common-128.5.1-1.1.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64" }, "product_reference": "firefox-esr-translations-common-128.5.1-1.1.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-esr-translations-common-128.5.1-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le" }, "product_reference": "firefox-esr-translations-common-128.5.1-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-esr-translations-common-128.5.1-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x" }, "product_reference": "firefox-esr-translations-common-128.5.1-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-esr-translations-common-128.5.1-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64" }, "product_reference": "firefox-esr-translations-common-128.5.1-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-esr-translations-other-128.5.1-1.1.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64" }, "product_reference": "firefox-esr-translations-other-128.5.1-1.1.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-esr-translations-other-128.5.1-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le" }, "product_reference": "firefox-esr-translations-other-128.5.1-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-esr-translations-other-128.5.1-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x" }, "product_reference": "firefox-esr-translations-other-128.5.1-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-esr-translations-other-128.5.1-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" }, "product_reference": "firefox-esr-translations-other-128.5.1-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" } ] }, "vulnerabilities": [ { "cve": "CVE-2006-6077", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2006-6077" } ], "notes": [ { "category": "general", "text": "The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matches the web site for which the user stored a password, which allows remote attackers to obtain passwords via a password INPUT element on a different web page located on the web site intended for this password.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2006-6077", "url": "https://www.suse.com/security/cve/CVE-2006-6077" }, { "category": "external", "summary": "SUSE Bug 244923 for CVE-2006-6077", "url": "https://bugzilla.suse.com/244923" }, { "category": "external", "summary": "SUSE Bug 550618 for CVE-2006-6077", "url": "https://bugzilla.suse.com/550618" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2006-6077" }, { "cve": "CVE-2007-0008", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2007-0008" } ], "notes": [ { "category": "general", "text": "Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the \"Master Secret\", which results in a heap-based overflow.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2007-0008", "url": "https://www.suse.com/security/cve/CVE-2007-0008" }, { "category": "external", "summary": "SUSE Bug 244923 for CVE-2007-0008", "url": "https://bugzilla.suse.com/244923" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2007-0008" }, { "cve": "CVE-2007-0009", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2007-0009" } ], "notes": [ { "category": "general", "text": "Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid \"Client Master Key\" length values.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2007-0009", "url": "https://www.suse.com/security/cve/CVE-2007-0009" }, { "category": "external", "summary": "SUSE Bug 244923 for CVE-2007-0009", "url": "https://bugzilla.suse.com/244923" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2007-0009" }, { "cve": "CVE-2007-0078", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2007-0078" } ], "notes": [ { "category": "general", "text": "BattleBlog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/blankmaster.mdb.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2007-0078", "url": "https://www.suse.com/security/cve/CVE-2007-0078" }, { "category": "external", "summary": "SUSE Bug 244923 for CVE-2007-0078", "url": "https://bugzilla.suse.com/244923" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2007-0078" }, { "cve": "CVE-2007-0079", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2007-0079" } ], "notes": [ { "category": "general", "text": "rblog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) data/admin.mdb or (2) data/rblog.mdb.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2007-0079", "url": "https://www.suse.com/security/cve/CVE-2007-0079" }, { "category": "external", "summary": "SUSE Bug 244923 for CVE-2007-0079", "url": "https://bugzilla.suse.com/244923" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "important" } ], "title": "CVE-2007-0079" }, { "cve": "CVE-2007-0775", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2007-0775" } ], "notes": [ { "category": "general", "text": "Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially execute arbitrary code via certain vectors.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2007-0775", "url": "https://www.suse.com/security/cve/CVE-2007-0775" }, { "category": "external", "summary": "SUSE Bug 244923 for CVE-2007-0775", "url": "https://bugzilla.suse.com/244923" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "low" } ], "title": "CVE-2007-0775" }, { "cve": "CVE-2007-0776", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2007-0776" } ], "notes": [ { "category": "general", "text": "Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to execute arbitrary code via a large stroke-width attribute in the clipPath element in an SVG file.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2007-0776", "url": "https://www.suse.com/security/cve/CVE-2007-0776" }, { "category": "external", "summary": "SUSE Bug 244923 for CVE-2007-0776", "url": "https://bugzilla.suse.com/244923" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2007-0776" }, { "cve": "CVE-2007-0777", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2007-0777" } ], "notes": [ { "category": "general", "text": "The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2007-0777", "url": "https://www.suse.com/security/cve/CVE-2007-0777" }, { "category": "external", "summary": "SUSE Bug 244923 for CVE-2007-0777", "url": "https://bugzilla.suse.com/244923" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2007-0777" }, { "cve": "CVE-2007-0780", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2007-0780" } ], "notes": [ { "category": "general", "text": "browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2007-0780", "url": "https://www.suse.com/security/cve/CVE-2007-0780" }, { "category": "external", "summary": "SUSE Bug 244923 for CVE-2007-0780", "url": "https://bugzilla.suse.com/244923" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2007-0780" }, { "cve": "CVE-2007-0800", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2007-0800" } ], "notes": [ { "category": "general", "text": "Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked popups to have an internal zone origin, which allows user-assisted remote attackers to cross zone restrictions and read arbitrary file:// URIs by convincing a user to show a blocked popup.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2007-0800", "url": "https://www.suse.com/security/cve/CVE-2007-0800" }, { "category": "external", "summary": "SUSE Bug 244923 for CVE-2007-0800", "url": "https://bugzilla.suse.com/244923" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2007-0800" }, { "cve": "CVE-2007-0981", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2007-0981" } ], "notes": [ { "category": "general", "text": "Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2007-0981", "url": "https://www.suse.com/security/cve/CVE-2007-0981" }, { "category": "external", "summary": "SUSE Bug 244923 for CVE-2007-0981", "url": "https://bugzilla.suse.com/244923" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "important" } ], "title": "CVE-2007-0981" }, { "cve": "CVE-2007-0995", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2007-0995" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2007-0995", "url": "https://www.suse.com/security/cve/CVE-2007-0995" }, { "category": "external", "summary": "SUSE Bug 244923 for CVE-2007-0995", "url": "https://bugzilla.suse.com/244923" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2007-0995" }, { "cve": "CVE-2007-0996", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2007-0996" } ], "notes": [ { "category": "general", "text": "The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2007-0996", "url": "https://www.suse.com/security/cve/CVE-2007-0996" }, { "category": "external", "summary": "SUSE Bug 244923 for CVE-2007-0996", "url": "https://bugzilla.suse.com/244923" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2007-0996" }, { "cve": "CVE-2007-3089", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2007-3089" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to replace an IFRAME (1) during the load stage or (2) in the case of an about:blank frame, which allows remote attackers to display arbitrary HTML or execute certain JavaScript code, as demonstrated by code that intercepts keystroke values from window.event, aka the \"promiscuous IFRAME access bug,\" a related issue to CVE-2006-4568.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2007-3089", "url": "https://www.suse.com/security/cve/CVE-2007-3089" }, { "category": "external", "summary": "SUSE Bug 288115 for CVE-2007-3089", "url": "https://bugzilla.suse.com/288115" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "important" } ], "title": "CVE-2007-3089" }, { "cve": "CVE-2007-3285", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2007-3285" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 2.0.0.5, when run on Windows, allows remote attackers to bypass file type checks and possibly execute programs via a (1) file:/// or (2) resource: URI with a dangerous extension, followed by a NULL byte (%00) and a safer extension, which causes Firefox to treat the requested file differently than Windows would.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2007-3285", "url": "https://www.suse.com/security/cve/CVE-2007-3285" }, { "category": "external", "summary": "SUSE Bug 288115 for CVE-2007-3285", "url": "https://bugzilla.suse.com/288115" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2007-3285" }, { "cve": "CVE-2007-3656", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2007-3656" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote attackers to obtain sensitive information, poison the browser cache, and possibly enable further attack vectors via (1) HTTP 302 redirect controls, (2) XMLHttpRequest, or (3) view-source URIs.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2007-3656", "url": "https://www.suse.com/security/cve/CVE-2007-3656" }, { "category": "external", "summary": "SUSE Bug 288115 for CVE-2007-3656", "url": "https://bugzilla.suse.com/288115" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2007-3656" }, { "cve": "CVE-2007-3670", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2007-3670" } ], "notes": [ { "category": "general", "text": "Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Firefox installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a (1) FirefoxURL or (2) FirefoxHTML URI, which are inserted into the command line that is created when invoking firefox.exe. NOTE: it has been debated as to whether the issue is in Internet Explorer or Firefox. As of 20070711, it is CVE\u0027s opinion that IE appears to be failing to properly delimit the URL argument when invoking Firefox, and this issue could arise with other protocol handlers in IE as well. However, Mozilla has stated that it will address the issue with a \"defense in depth\" fix that will \"prevent IE from sending Firefox malicious data.\"", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2007-3670", "url": "https://www.suse.com/security/cve/CVE-2007-3670" }, { "category": "external", "summary": "SUSE Bug 288115 for CVE-2007-3670", "url": "https://bugzilla.suse.com/288115" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2007-3670" }, { "cve": "CVE-2007-3734", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2007-3734" } ], "notes": [ { "category": "general", "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecified vectors that trigger memory corruption.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2007-3734", "url": "https://www.suse.com/security/cve/CVE-2007-3734" }, { "category": "external", "summary": "SUSE Bug 288115 for CVE-2007-3734", "url": "https://bugzilla.suse.com/288115" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2007-3734" }, { "cve": "CVE-2007-3735", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2007-3735" } ], "notes": [ { "category": "general", "text": "Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecified vectors that trigger memory corruption.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2007-3735", "url": "https://www.suse.com/security/cve/CVE-2007-3735" }, { "category": "external", "summary": "SUSE Bug 288115 for CVE-2007-3735", "url": "https://bugzilla.suse.com/288115" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2007-3735" }, { "cve": "CVE-2007-3736", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2007-3736" } ], "notes": [ { "category": "general", "text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.5 allows remote attackers to inject arbitrary web script \"into another site\u0027s context\" via a \"timing issue\" involving the (1) addEventListener or (2) setTimeout function, probably by setting events that activate after the context has changed.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2007-3736", "url": "https://www.suse.com/security/cve/CVE-2007-3736" }, { "category": "external", "summary": "SUSE Bug 288115 for CVE-2007-3736", "url": "https://bugzilla.suse.com/288115" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2007-3736" }, { "cve": "CVE-2007-3737", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2007-3737" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 2.0.0.5 allows remote attackers to execute arbitrary code with chrome privileges by calling an event handler from an unspecified \"element outside of a document.\"", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2007-3737", "url": "https://www.suse.com/security/cve/CVE-2007-3737" }, { "category": "external", "summary": "SUSE Bug 288115 for CVE-2007-3737", "url": "https://bugzilla.suse.com/288115" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2007-3737" }, { "cve": "CVE-2007-3738", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2007-3738" } ], "notes": [ { "category": "general", "text": "Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 allow remote attackers to execute arbitrary code via a crafted XPCNativeWrapper.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2007-3738", "url": "https://www.suse.com/security/cve/CVE-2007-3738" }, { "category": "external", "summary": "SUSE Bug 288115 for CVE-2007-3738", "url": "https://bugzilla.suse.com/288115" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2007-3738" }, { "cve": "CVE-2008-0412", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2008-0412" } ], "notes": [ { "category": "general", "text": "The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to the (1) nsTableFrame::GetFrameAtOrBefore, (2) nsAccessibilityService::GetAccessible, (3) nsBindingManager::GetNestedInsertionPoint, (4) nsXBLPrototypeBinding::AttributeChanged, (5) nsColumnSetFrame::GetContentInsertionFrame, and (6) nsLineLayout::TrimTrailingWhiteSpaceIn methods, and other vectors.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2008-0412", "url": "https://www.suse.com/security/cve/CVE-2008-0412" }, { "category": "external", "summary": "SUSE Bug 354469 for CVE-2008-0412", "url": "https://bugzilla.suse.com/354469" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2008-0412" }, { "cve": "CVE-2008-0414", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2008-0414" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to trick the user into uploading arbitrary files via label tags that shift focus to a file input field, aka \"focus spoofing.\"", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2008-0414", "url": "https://www.suse.com/security/cve/CVE-2008-0414" }, { "category": "external", "summary": "SUSE Bug 354469 for CVE-2008-0414", "url": "https://bugzilla.suse.com/354469" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2008-0414" }, { "cve": "CVE-2008-0415", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2008-0415" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.load function, aka \"JavaScript privilege escalation bugs.\"", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2008-0415", "url": "https://www.suse.com/security/cve/CVE-2008-0415" }, { "category": "external", "summary": "SUSE Bug 354469 for CVE-2008-0415", "url": "https://bugzilla.suse.com/354469" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2008-0415" }, { "cve": "CVE-2008-0417", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2008-0417" } ], "notes": [ { "category": "general", "text": "CRLF injection vulnerability in Mozilla Firefox before 2.0.0.12 allows remote user-assisted web sites to corrupt the user\u0027s password store via newlines that are not properly handled when the user saves a password.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2008-0417", "url": "https://www.suse.com/security/cve/CVE-2008-0417" }, { "category": "external", "summary": "SUSE Bug 354469 for CVE-2008-0417", "url": "https://bugzilla.suse.com/354469" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2008-0417" }, { "cve": "CVE-2008-0418", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2008-0418" } ], "notes": [ { "category": "general", "text": "Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using \"flat\" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2008-0418", "url": "https://www.suse.com/security/cve/CVE-2008-0418" }, { "category": "external", "summary": "SUSE Bug 354469 for CVE-2008-0418", "url": "https://bugzilla.suse.com/354469" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2008-0418" }, { "cve": "CVE-2008-0419", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2008-0419" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service (crash) via images in a page that uses designMode frames, which triggers memory corruption related to resize handles.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2008-0419", "url": "https://www.suse.com/security/cve/CVE-2008-0419" }, { "category": "external", "summary": "SUSE Bug 354469 for CVE-2008-0419", "url": "https://bugzilla.suse.com/354469" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2008-0419" }, { "cve": "CVE-2008-0591", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2008-0591" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by using a timer to change the window focus, aka the \"dialog refocus bug\" or \"ffclick2\".", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2008-0591", "url": "https://www.suse.com/security/cve/CVE-2008-0591" }, { "category": "external", "summary": "SUSE Bug 354469 for CVE-2008-0591", "url": "https://bugzilla.suse.com/354469" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2008-0591" }, { "cve": "CVE-2008-0592", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2008-0592" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to cause a denial of service via a plain .txt file with a \"Content-Disposition: attachment\" and an invalid \"Content-Type: plain/text,\" which prevents Firefox from rendering future plain text files within the browser.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2008-0592", "url": "https://www.suse.com/security/cve/CVE-2008-0592" }, { "category": "external", "summary": "SUSE Bug 354469 for CVE-2008-0592", "url": "https://bugzilla.suse.com/354469" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2008-0592" }, { "cve": "CVE-2008-0593", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2008-0593" } ], "notes": [ { "category": "general", "text": "Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original URL, such as with Single-Signon systems.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2008-0593", "url": "https://www.suse.com/security/cve/CVE-2008-0593" }, { "category": "external", "summary": "SUSE Bug 354469 for CVE-2008-0593", "url": "https://bugzilla.suse.com/354469" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2008-0593" }, { "cve": "CVE-2008-0594", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2008-0594" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 2.0.0.12 does not always display a web forgery warning dialog if the entire contents of a web page are in a DIV tag that uses absolute positioning, which makes it easier for remote attackers to conduct phishing attacks.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2008-0594", "url": "https://www.suse.com/security/cve/CVE-2008-0594" }, { "category": "external", "summary": "SUSE Bug 354469 for CVE-2008-0594", "url": "https://bugzilla.suse.com/354469" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2008-0594" }, { "cve": "CVE-2008-4063", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2008-4063" } ], "notes": [ { "category": "general", "text": "Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and (1) a zero value of the \"this\" variable in the nsContentList::Item function; (2) interaction of the indic IME extension, a Hindi language selection, and the \"g\" character; and (3) interaction of the nsFrameList::SortByContentOrder function with a certain insufficient protection of inline frames.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2008-4063", "url": "https://www.suse.com/security/cve/CVE-2008-4063" }, { "category": "external", "summary": "SUSE Bug 429179 for CVE-2008-4063", "url": "https://bugzilla.suse.com/429179" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2008-4063" }, { "cve": "CVE-2008-5913", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2008-5913" } ], "notes": [ { "category": "general", "text": "The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses a random number generator that is seeded only once per browser session, which makes it easier for remote attackers to track a user, or trick a user into acting upon a spoofed pop-up message, by calculating the seed value, related to a \"temporary footprint\" and an \"in-session phishing attack.\"", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2008-5913", "url": "https://www.suse.com/security/cve/CVE-2008-5913" }, { "category": "external", "summary": "SUSE Bug 468762 for CVE-2008-5913", "url": "https://bugzilla.suse.com/468762" }, { "category": "external", "summary": "SUSE Bug 603356 for CVE-2008-5913", "url": "https://bugzilla.suse.com/603356" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2008-5913" }, { "cve": "CVE-2009-0040", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-0040" } ], "notes": [ { "category": "general", "text": "The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-0040", "url": "https://www.suse.com/security/cve/CVE-2009-0040" }, { "category": "external", "summary": "SUSE Bug 472745 for CVE-2009-0040", "url": "https://bugzilla.suse.com/472745" }, { "category": "external", "summary": "SUSE Bug 478625 for CVE-2009-0040", "url": "https://bugzilla.suse.com/478625" }, { "category": "external", "summary": "SUSE Bug 608040 for CVE-2009-0040", "url": "https://bugzilla.suse.com/608040" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2009-0040" }, { "cve": "CVE-2009-0352", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-0352" } ], "notes": [ { "category": "general", "text": "Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and destruction of arbitrary layout objects by the nsViewManager::Composite function.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-0352", "url": "https://www.suse.com/security/cve/CVE-2009-0352" }, { "category": "external", "summary": "SUSE Bug 470074 for CVE-2009-0352", "url": "https://bugzilla.suse.com/470074" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2009-0352" }, { "cve": "CVE-2009-0354", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-0354" } ], "notes": [ { "category": "general", "text": "Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x before 3.0.6 allows remote attackers to bypass the Same Origin Policy, and access the properties of an arbitrary window and conduct cross-site scripting (XSS) attacks, via vectors involving a chrome XBL method and the window.eval function.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-0354", "url": "https://www.suse.com/security/cve/CVE-2009-0354" }, { "category": "external", "summary": "SUSE Bug 470074 for CVE-2009-0354", "url": "https://bugzilla.suse.com/470074" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "low" } ], "title": "CVE-2009-0354" }, { "cve": "CVE-2009-0355", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-0355" } ], "notes": [ { "category": "general", "text": "components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type=\"file\" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-0355", "url": "https://www.suse.com/security/cve/CVE-2009-0355" }, { "category": "external", "summary": "SUSE Bug 470074 for CVE-2009-0355", "url": "https://bugzilla.suse.com/470074" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2009-0355" }, { "cve": "CVE-2009-0356", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-0356" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 3.0.6 and SeaMonkey do not block links to the (1) about:plugins and (2) about:config URIs from .desktop files, which allows user-assisted remote attackers to bypass the Same Origin Policy and execute arbitrary code with chrome privileges via vectors involving the URL field in a Desktop Entry section of a .desktop file, related to representation of about: URIs as jar:file:// URIs. NOTE: this issue exists because of an incomplete fix for CVE-2008-4582.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-0356", "url": "https://www.suse.com/security/cve/CVE-2009-0356" }, { "category": "external", "summary": "SUSE Bug 470074 for CVE-2009-0356", "url": "https://bugzilla.suse.com/470074" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2009-0356" }, { "cve": "CVE-2009-0357", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-0357" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 3.0.6 and SeaMonkey before 1.1.15 do not properly restrict access from web pages to the (1) Set-Cookie and (2) Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XMLHttpRequest calls, related to the HTTPOnly protection mechanism.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-0357", "url": "https://www.suse.com/security/cve/CVE-2009-0357" }, { "category": "external", "summary": "SUSE Bug 470074 for CVE-2009-0357", "url": "https://bugzilla.suse.com/470074" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2009-0357" }, { "cve": "CVE-2009-0358", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-0358" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox 3.x before 3.0.6 does not properly implement the (1) no-store and (2) no-cache Cache-Control directives, which allows local users to obtain sensitive information by using the (a) back button or (b) history list of the victim\u0027s browser, as demonstrated by reading the response page of an https POST request.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-0358", "url": "https://www.suse.com/security/cve/CVE-2009-0358" }, { "category": "external", "summary": "SUSE Bug 470074 for CVE-2009-0358", "url": "https://bugzilla.suse.com/470074" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "low" } ], "title": "CVE-2009-0358" }, { "cve": "CVE-2009-0652", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-0652" } ], "notes": [ { "category": "general", "text": "The Internationalized Domain Names (IDN) blacklist in Mozilla Firefox 3.0.6 and other versions before 3.0.9; Thunderbird before 2.0.0.21; and SeaMonkey before 1.1.15 does not include box-drawing characters, which allows remote attackers to spoof URLs and conduct phishing attacks, as demonstrated by homoglyphs of the / (slash) and ? (question mark) characters in a subdomain of a .cn domain name, a different vulnerability than CVE-2005-0233. NOTE: some third parties claim that 3.0.6 is not affected, but much older versions perhaps are affected.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-0652", "url": "https://www.suse.com/security/cve/CVE-2009-0652" }, { "category": "external", "summary": "SUSE Bug 495473 for CVE-2009-0652", "url": "https://bugzilla.suse.com/495473" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "important" } ], "title": "CVE-2009-0652" }, { "cve": "CVE-2009-0771", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-0771" } ], "notes": [ { "category": "general", "text": "The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption and assertion failures.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-0771", "url": "https://www.suse.com/security/cve/CVE-2009-0771" }, { "category": "external", "summary": "SUSE Bug 478625 for CVE-2009-0771", "url": "https://bugzilla.suse.com/478625" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2009-0771" }, { "cve": "CVE-2009-0772", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-0772" } ], "notes": [ { "category": "general", "text": "The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-0772", "url": "https://www.suse.com/security/cve/CVE-2009-0772" }, { "category": "external", "summary": "SUSE Bug 478625 for CVE-2009-0772", "url": "https://bugzilla.suse.com/478625" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2009-0772" }, { "cve": "CVE-2009-0773", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-0773" } ], "notes": [ { "category": "general", "text": "The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains \"some non-set elements,\" which causes jsarray.cpp to pass an incorrect argument to the ResizeSlots function, which triggers memory corruption; (2) vectors related to js_DecompileValueGenerator, jsopcode.cpp, __defineSetter__, and watch, which triggers an assertion failure or a segmentation fault; and (3) vectors related to gczeal, __defineSetter__, and watch, which triggers a hang.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-0773", "url": "https://www.suse.com/security/cve/CVE-2009-0773" }, { "category": "external", "summary": "SUSE Bug 478625 for CVE-2009-0773", "url": "https://bugzilla.suse.com/478625" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2009-0773" }, { "cve": "CVE-2009-0774", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-0774" } ], "notes": [ { "category": "general", "text": "The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-0774", "url": "https://www.suse.com/security/cve/CVE-2009-0774" }, { "category": "external", "summary": "SUSE Bug 478625 for CVE-2009-0774", "url": "https://bugzilla.suse.com/478625" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2009-0774" }, { "cve": "CVE-2009-0775", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-0775" } ], "notes": [ { "category": "general", "text": "Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via \"cloned XUL DOM elements which were linked as a parent and child,\" which are not properly handled during garbage collection.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-0775", "url": "https://www.suse.com/security/cve/CVE-2009-0775" }, { "category": "external", "summary": "SUSE Bug 478625 for CVE-2009-0775", "url": "https://bugzilla.suse.com/478625" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2009-0775" }, { "cve": "CVE-2009-0776", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-0776" } ], "notes": [ { "category": "general", "text": "nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-0776", "url": "https://www.suse.com/security/cve/CVE-2009-0776" }, { "category": "external", "summary": "SUSE Bug 465291 for CVE-2009-0776", "url": "https://bugzilla.suse.com/465291" }, { "category": "external", "summary": "SUSE Bug 478625 for CVE-2009-0776", "url": "https://bugzilla.suse.com/478625" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "important" } ], "title": "CVE-2009-0776" }, { "cve": "CVE-2009-0777", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-0777" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decode invisible characters when they are displayed in the location bar, which causes an incorrect address to be displayed and makes it easier for remote attackers to spoof URLs and conduct phishing attacks.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-0777", "url": "https://www.suse.com/security/cve/CVE-2009-0777" }, { "category": "external", "summary": "SUSE Bug 478625 for CVE-2009-0777", "url": "https://bugzilla.suse.com/478625" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2009-0777" }, { "cve": "CVE-2009-1044", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-1044" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox 3.0.7 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors related to the _moveToEdgeShift XUL tree method, which triggers garbage collection on objects that are still in use, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-1044", "url": "https://www.suse.com/security/cve/CVE-2009-1044" }, { "category": "external", "summary": "SUSE Bug 465291 for CVE-2009-1044", "url": "https://bugzilla.suse.com/465291" }, { "category": "external", "summary": "SUSE Bug 488955 for CVE-2009-1044", "url": "https://bugzilla.suse.com/488955" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2009-1044" }, { "cve": "CVE-2009-1169", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-1169" } ], "notes": [ { "category": "general", "text": "The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox before 3.0.8 and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XML file with a crafted XSLT transform.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-1169", "url": "https://www.suse.com/security/cve/CVE-2009-1169" }, { "category": "external", "summary": "SUSE Bug 488955 for CVE-2009-1169", "url": "https://bugzilla.suse.com/488955" }, { "category": "external", "summary": "SUSE Bug 509766 for CVE-2009-1169", "url": "https://bugzilla.suse.com/509766" }, { "category": "external", "summary": "SUSE Bug 510964 for CVE-2009-1169", "url": "https://bugzilla.suse.com/510964" }, { "category": "external", "summary": "SUSE Bug 515951 for CVE-2009-1169", "url": "https://bugzilla.suse.com/515951" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2009-1169" }, { "cve": "CVE-2009-1302", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-1302" } ], "notes": [ { "category": "general", "text": "The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1) nsAsyncInstantiateEvent::Run, (2) nsStyleContext::Destroy, (3) nsComputedDOMStyle::GetWidth, (4) the xslt_attributeset_ImportSameName.html test case for the XSLT stylesheet compiler, (5) nsXULDocument::SynchronizeBroadcastListener, (6) IsBindingAncestor, (7) PL_DHashTableOperate and nsEditor::EndUpdateViewBatch, and (8) gfxSkipCharsIterator::SetOffsets, and other vectors.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-1302", "url": "https://www.suse.com/security/cve/CVE-2009-1302" }, { "category": "external", "summary": "SUSE Bug 495473 for CVE-2009-1302", "url": "https://bugzilla.suse.com/495473" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2009-1302" }, { "cve": "CVE-2009-1306", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-1306" } ], "notes": [ { "category": "general", "text": "The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a \"Content-Disposition: attachment\" designation.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-1306", "url": "https://www.suse.com/security/cve/CVE-2009-1306" }, { "category": "external", "summary": "SUSE Bug 495473 for CVE-2009-1306", "url": "https://bugzilla.suse.com/495473" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2009-1306" }, { "cve": "CVE-2009-1307", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-1307" } ], "notes": [ { "category": "general", "text": "The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modify Local Shared Objects via a Flash file; or (3) bypass unspecified restrictions and render content via vectors involving a jar: URI.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-1307", "url": "https://www.suse.com/security/cve/CVE-2009-1307" }, { "category": "external", "summary": "SUSE Bug 495473 for CVE-2009-1307", "url": "https://bugzilla.suse.com/495473" }, { "category": "external", "summary": "SUSE Bug 515951 for CVE-2009-1307", "url": "https://bugzilla.suse.com/515951" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2009-1307" }, { "cve": "CVE-2009-1308", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-1308" } ], "notes": [ { "category": "general", "text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-1308", "url": "https://www.suse.com/security/cve/CVE-2009-1308" }, { "category": "external", "summary": "SUSE Bug 495473 for CVE-2009-1308", "url": "https://bugzilla.suse.com/495473" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2009-1308" }, { "cve": "CVE-2009-1309", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-1309" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document\u0027s principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-1309", "url": "https://www.suse.com/security/cve/CVE-2009-1309" }, { "category": "external", "summary": "SUSE Bug 495473 for CVE-2009-1309", "url": "https://bugzilla.suse.com/495473" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2009-1309" }, { "cve": "CVE-2009-1310", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-1310" } ], "notes": [ { "category": "general", "text": "Cross-site scripting (XSS) vulnerability in the MozSearch plugin implementation in Mozilla Firefox before 3.0.9 allows user-assisted remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SearchForm element.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-1310", "url": "https://www.suse.com/security/cve/CVE-2009-1310" }, { "category": "external", "summary": "SUSE Bug 495473 for CVE-2009-1310", "url": "https://bugzilla.suse.com/495473" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2009-1310" }, { "cve": "CVE-2009-1311", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-1311" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame\u0027s URL during a SAVEMODE_FILEONLY save of the inner frame.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-1311", "url": "https://www.suse.com/security/cve/CVE-2009-1311" }, { "category": "external", "summary": "SUSE Bug 465291 for CVE-2009-1311", "url": "https://bugzilla.suse.com/465291" }, { "category": "external", "summary": "SUSE Bug 495473 for CVE-2009-1311", "url": "https://bugzilla.suse.com/495473" }, { "category": "external", "summary": "SUSE Bug 515951 for CVE-2009-1311", "url": "https://bugzilla.suse.com/515951" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2009-1311" }, { "cve": "CVE-2009-1312", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-1312" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header. NOTE: it was later reported that Firefox 3.6 a1 pre and Mozilla 1.7.x and earlier are also affected.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-1312", "url": "https://www.suse.com/security/cve/CVE-2009-1312" }, { "category": "external", "summary": "SUSE Bug 495473 for CVE-2009-1312", "url": "https://bugzilla.suse.com/495473" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2009-1312" }, { "cve": "CVE-2009-1313", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-1313" } ], "notes": [ { "category": "general", "text": "The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3.0.9 allows remote attackers to cause a denial of service (memory corruption) and probably execute arbitrary code via unspecified vectors. NOTE: this vulnerability reportedly exists because of an incorrect fix for CVE-2009-1302.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-1313", "url": "https://www.suse.com/security/cve/CVE-2009-1313" }, { "category": "external", "summary": "SUSE Bug 500909 for CVE-2009-1313", "url": "https://bugzilla.suse.com/500909" }, { "category": "external", "summary": "SUSE Bug 502062 for CVE-2009-1313", "url": "https://bugzilla.suse.com/502062" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2009-1313" }, { "cve": "CVE-2009-1563", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-1563" } ], "notes": [ { "category": "general", "text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0689. Reason: This candidate is a duplicate of CVE-2009-0689. Certain codebase relationships were not originally clear. Notes: All CVE users should reference CVE-2009-0689 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-1563", "url": "https://www.suse.com/security/cve/CVE-2009-1563" }, { "category": "external", "summary": "SUSE Bug 522109 for CVE-2009-1563", "url": "https://bugzilla.suse.com/522109" }, { "category": "external", "summary": "SUSE Bug 545277 for CVE-2009-1563", "url": "https://bugzilla.suse.com/545277" }, { "category": "external", "summary": "SUSE Bug 546371 for CVE-2009-1563", "url": "https://bugzilla.suse.com/546371" }, { "category": "external", "summary": "SUSE Bug 557126 for CVE-2009-1563", "url": "https://bugzilla.suse.com/557126" }, { "category": "external", "summary": "SUSE Bug 557127 for CVE-2009-1563", "url": "https://bugzilla.suse.com/557127" }, { "category": "external", "summary": "SUSE Bug 557128 for CVE-2009-1563", "url": "https://bugzilla.suse.com/557128" }, { "category": "external", "summary": "SUSE Bug 557671 for CVE-2009-1563", "url": "https://bugzilla.suse.com/557671" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2009-1563" }, { "cve": "CVE-2009-2470", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-2470" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 3.0.12, and 3.5.x before 3.5.2, allows remote SOCKS5 proxy servers to cause a denial of service (data stream corruption) via a long domain name in a reply.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-2470", "url": "https://www.suse.com/security/cve/CVE-2009-2470" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2009-2470" }, { "cve": "CVE-2009-2654", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-2654" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write calls to the resulting object, and then calls the stop method during the loading of the error page.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-2654", "url": "https://www.suse.com/security/cve/CVE-2009-2654" }, { "category": "external", "summary": "SUSE Bug 527489 for CVE-2009-2654", "url": "https://bugzilla.suse.com/527489" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2009-2654" }, { "cve": "CVE-2009-3069", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-3069" } ], "notes": [ { "category": "general", "text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-3069", "url": "https://www.suse.com/security/cve/CVE-2009-3069" }, { "category": "external", "summary": "SUSE Bug 534458 for CVE-2009-3069", "url": "https://bugzilla.suse.com/534458" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2009-3069" }, { "cve": "CVE-2009-3072", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-3072" } ], "notes": [ { "category": "general", "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the BinHex decoder in netwerk/streamconv/converters/nsBinHexDecoder.cpp, and unknown vectors.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-3072", "url": "https://www.suse.com/security/cve/CVE-2009-3072" }, { "category": "external", "summary": "SUSE Bug 534458 for CVE-2009-3072", "url": "https://bugzilla.suse.com/534458" }, { "category": "external", "summary": "SUSE Bug 538290 for CVE-2009-3072", "url": "https://bugzilla.suse.com/538290" }, { "category": "external", "summary": "SUSE Bug 590499 for CVE-2009-3072", "url": "https://bugzilla.suse.com/590499" }, { "category": "external", "summary": "SUSE Bug 607935 for CVE-2009-3072", "url": "https://bugzilla.suse.com/607935" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2009-3072" }, { "cve": "CVE-2009-3077", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-3077" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns (aka TreeColumns) of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a \"dangling pointer vulnerability.\"", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-3077", "url": "https://www.suse.com/security/cve/CVE-2009-3077" }, { "category": "external", "summary": "SUSE Bug 534458 for CVE-2009-3077", "url": "https://bugzilla.suse.com/534458" }, { "category": "external", "summary": "SUSE Bug 538290 for CVE-2009-3077", "url": "https://bugzilla.suse.com/538290" }, { "category": "external", "summary": "SUSE Bug 590499 for CVE-2009-3077", "url": "https://bugzilla.suse.com/590499" }, { "category": "external", "summary": "SUSE Bug 607935 for CVE-2009-3077", "url": "https://bugzilla.suse.com/607935" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2009-3077" }, { "cve": "CVE-2009-3078", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-3078" } ], "notes": [ { "category": "general", "text": "Visual truncation vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to trigger a vertical scroll and spoof URLs via unspecified Unicode characters with a tall line-height property.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-3078", "url": "https://www.suse.com/security/cve/CVE-2009-3078" }, { "category": "external", "summary": "SUSE Bug 534458 for CVE-2009-3078", "url": "https://bugzilla.suse.com/534458" }, { "category": "external", "summary": "SUSE Bug 538290 for CVE-2009-3078", "url": "https://bugzilla.suse.com/538290" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2009-3078" }, { "cve": "CVE-2009-3079", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-3079" } ], "notes": [ { "category": "general", "text": "Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-3079", "url": "https://www.suse.com/security/cve/CVE-2009-3079" }, { "category": "external", "summary": "SUSE Bug 534458 for CVE-2009-3079", "url": "https://bugzilla.suse.com/534458" }, { "category": "external", "summary": "SUSE Bug 538290 for CVE-2009-3079", "url": "https://bugzilla.suse.com/538290" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2009-3079" }, { "cve": "CVE-2009-3274", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-3274" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions, and 3.0.14 and earlier 2.x and 3.x versions, on Linux uses a predictable /tmp pathname for files selected from the Downloads window, which allows local users to replace an arbitrary downloaded file by placing a file in a /tmp location before the download occurs, related to the Download Manager component. NOTE: some of these details are obtained from third party information.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-3274", "url": "https://www.suse.com/security/cve/CVE-2009-3274" }, { "category": "external", "summary": "SUSE Bug 522109 for CVE-2009-3274", "url": "https://bugzilla.suse.com/522109" }, { "category": "external", "summary": "SUSE Bug 534458 for CVE-2009-3274", "url": "https://bugzilla.suse.com/534458" }, { "category": "external", "summary": "SUSE Bug 545277 for CVE-2009-3274", "url": "https://bugzilla.suse.com/545277" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "important" } ], "title": "CVE-2009-3274" }, { "cve": "CVE-2009-3370", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-3370" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote attackers to read form history by forging mouse and keyboard events that leverage the auto-fill feature to populate form fields, in an attacker-readable form, with history entries.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-3370", "url": "https://www.suse.com/security/cve/CVE-2009-3370" }, { "category": "external", "summary": "SUSE Bug 522109 for CVE-2009-3370", "url": "https://bugzilla.suse.com/522109" }, { "category": "external", "summary": "SUSE Bug 545277 for CVE-2009-3370", "url": "https://bugzilla.suse.com/545277" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2009-3370" }, { "cve": "CVE-2009-3371", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-3371" } ], "notes": [ { "category": "general", "text": "Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by creating JavaScript web-workers recursively.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-3371", "url": "https://www.suse.com/security/cve/CVE-2009-3371" }, { "category": "external", "summary": "SUSE Bug 522109 for CVE-2009-3371", "url": "https://bugzilla.suse.com/522109" }, { "category": "external", "summary": "SUSE Bug 545277 for CVE-2009-3371", "url": "https://bugzilla.suse.com/545277" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2009-3371" }, { "cve": "CVE-2009-3372", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-3372" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration (PAC) file.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-3372", "url": "https://www.suse.com/security/cve/CVE-2009-3372" }, { "category": "external", "summary": "SUSE Bug 522109 for CVE-2009-3372", "url": "https://bugzilla.suse.com/522109" }, { "category": "external", "summary": "SUSE Bug 545277 for CVE-2009-3372", "url": "https://bugzilla.suse.com/545277" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2009-3372" }, { "cve": "CVE-2009-3373", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-3373" } ], "notes": [ { "category": "general", "text": "Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-3373", "url": "https://www.suse.com/security/cve/CVE-2009-3373" }, { "category": "external", "summary": "SUSE Bug 522109 for CVE-2009-3373", "url": "https://bugzilla.suse.com/522109" }, { "category": "external", "summary": "SUSE Bug 545277 for CVE-2009-3373", "url": "https://bugzilla.suse.com/545277" }, { "category": "external", "summary": "SUSE Bug 557686 for CVE-2009-3373", "url": "https://bugzilla.suse.com/557686" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2009-3373" }, { "cve": "CVE-2009-3374", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-3374" } ], "notes": [ { "category": "general", "text": "The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via unspecified method calls, related to \"doubly-wrapped objects.\"", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-3374", "url": "https://www.suse.com/security/cve/CVE-2009-3374" }, { "category": "external", "summary": "SUSE Bug 522109 for CVE-2009-3374", "url": "https://bugzilla.suse.com/522109" }, { "category": "external", "summary": "SUSE Bug 545277 for CVE-2009-3374", "url": "https://bugzilla.suse.com/545277" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "important" } ], "title": "CVE-2009-3374" }, { "cve": "CVE-2009-3375", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-3375" } ], "notes": [ { "category": "general", "text": "content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection via the document.getSelection function.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-3375", "url": "https://www.suse.com/security/cve/CVE-2009-3375" }, { "category": "external", "summary": "SUSE Bug 522109 for CVE-2009-3375", "url": "https://bugzilla.suse.com/522109" }, { "category": "external", "summary": "SUSE Bug 545277 for CVE-2009-3375", "url": "https://bugzilla.suse.com/545277" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2009-3375" }, { "cve": "CVE-2009-3376", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-3376" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via a crafted filename, as demonstrated by displaying a non-executable extension for an executable file.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-3376", "url": "https://www.suse.com/security/cve/CVE-2009-3376" }, { "category": "external", "summary": "SUSE Bug 522109 for CVE-2009-3376", "url": "https://bugzilla.suse.com/522109" }, { "category": "external", "summary": "SUSE Bug 545277 for CVE-2009-3376", "url": "https://bugzilla.suse.com/545277" }, { "category": "external", "summary": "SUSE Bug 590499 for CVE-2009-3376", "url": "https://bugzilla.suse.com/590499" }, { "category": "external", "summary": "SUSE Bug 607935 for CVE-2009-3376", "url": "https://bugzilla.suse.com/607935" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2009-3376" }, { "cve": "CVE-2009-3377", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-3377" } ], "notes": [ { "category": "general", "text": "Multiple unspecified vulnerabilities in liboggz before cf5feeaab69b05e24, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-3377", "url": "https://www.suse.com/security/cve/CVE-2009-3377" }, { "category": "external", "summary": "SUSE Bug 522109 for CVE-2009-3377", "url": "https://bugzilla.suse.com/522109" }, { "category": "external", "summary": "SUSE Bug 545277 for CVE-2009-3377", "url": "https://bugzilla.suse.com/545277" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2009-3377" }, { "cve": "CVE-2009-3380", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-3380" } ], "notes": [ { "category": "general", "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-3380", "url": "https://www.suse.com/security/cve/CVE-2009-3380" }, { "category": "external", "summary": "SUSE Bug 522109 for CVE-2009-3380", "url": "https://bugzilla.suse.com/522109" }, { "category": "external", "summary": "SUSE Bug 545277 for CVE-2009-3380", "url": "https://bugzilla.suse.com/545277" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "important" } ], "title": "CVE-2009-3380" }, { "cve": "CVE-2009-3388", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-3388" } ], "notes": [ { "category": "general", "text": "liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before 2.0.1 might allow context-dependent attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors, related to \"memory safety issues.\"", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-3388", "url": "https://www.suse.com/security/cve/CVE-2009-3388" }, { "category": "external", "summary": "SUSE Bug 559807 for CVE-2009-3388", "url": "https://bugzilla.suse.com/559807" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2009-3388" }, { "cve": "CVE-2009-3389", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-3389" } ], "notes": [ { "category": "general", "text": "Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used in Mozilla Firefox 3.5 before 3.5.6 and SeaMonkey before 2.0.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a video with large dimensions.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-3389", "url": "https://www.suse.com/security/cve/CVE-2009-3389" }, { "category": "external", "summary": "SUSE Bug 559807 for CVE-2009-3389", "url": "https://bugzilla.suse.com/559807" }, { "category": "external", "summary": "SUSE Bug 581722 for CVE-2009-3389", "url": "https://bugzilla.suse.com/581722" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2009-3389" }, { "cve": "CVE-2009-3555", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-3555" } ], "notes": [ { "category": "general", "text": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-3555", "url": "https://www.suse.com/security/cve/CVE-2009-3555" }, { "category": "external", "summary": "SUSE Bug 1077582 for CVE-2009-3555", "url": "https://bugzilla.suse.com/1077582" }, { "category": "external", "summary": "SUSE Bug 459468 for CVE-2009-3555", "url": "https://bugzilla.suse.com/459468" }, { "category": "external", "summary": "SUSE Bug 552497 for CVE-2009-3555", "url": "https://bugzilla.suse.com/552497" }, { "category": "external", "summary": "SUSE Bug 553641 for CVE-2009-3555", "url": "https://bugzilla.suse.com/553641" }, { "category": "external", "summary": "SUSE Bug 554069 for CVE-2009-3555", "url": "https://bugzilla.suse.com/554069" }, { "category": "external", "summary": "SUSE Bug 554084 for CVE-2009-3555", "url": "https://bugzilla.suse.com/554084" }, { "category": "external", "summary": "SUSE Bug 554085 for CVE-2009-3555", "url": "https://bugzilla.suse.com/554085" }, { "category": "external", "summary": "SUSE Bug 555177 for CVE-2009-3555", "url": "https://bugzilla.suse.com/555177" }, { "category": "external", "summary": "SUSE Bug 557168 for CVE-2009-3555", "url": "https://bugzilla.suse.com/557168" }, { "category": "external", "summary": "SUSE Bug 564507 for CVE-2009-3555", "url": "https://bugzilla.suse.com/564507" }, { "category": "external", "summary": "SUSE Bug 566041 for CVE-2009-3555", "url": "https://bugzilla.suse.com/566041" }, { "category": "external", "summary": "SUSE Bug 584292 for CVE-2009-3555", "url": "https://bugzilla.suse.com/584292" }, { "category": "external", "summary": "SUSE Bug 586567 for CVE-2009-3555", "url": "https://bugzilla.suse.com/586567" }, { "category": "external", "summary": "SUSE Bug 588996 for CVE-2009-3555", "url": "https://bugzilla.suse.com/588996" }, { "category": "external", "summary": "SUSE Bug 590826 for CVE-2009-3555", "url": "https://bugzilla.suse.com/590826" }, { "category": "external", "summary": "SUSE Bug 592589 for CVE-2009-3555", "url": "https://bugzilla.suse.com/592589" }, { "category": "external", "summary": "SUSE Bug 594415 for CVE-2009-3555", "url": "https://bugzilla.suse.com/594415" }, { "category": "external", "summary": "SUSE Bug 604782 for CVE-2009-3555", "url": "https://bugzilla.suse.com/604782" }, { "category": "external", "summary": "SUSE Bug 614753 for CVE-2009-3555", "url": "https://bugzilla.suse.com/614753" }, { "category": "external", "summary": "SUSE Bug 622073 for CVE-2009-3555", "url": "https://bugzilla.suse.com/622073" }, { "category": "external", "summary": "SUSE Bug 623905 for CVE-2009-3555", "url": "https://bugzilla.suse.com/623905" }, { "category": "external", "summary": "SUSE Bug 629905 for CVE-2009-3555", "url": "https://bugzilla.suse.com/629905" }, { "category": "external", "summary": "SUSE Bug 642531 for CVE-2009-3555", "url": "https://bugzilla.suse.com/642531" }, { "category": "external", "summary": "SUSE Bug 646073 for CVE-2009-3555", "url": "https://bugzilla.suse.com/646073" }, { "category": "external", "summary": "SUSE Bug 646906 for CVE-2009-3555", "url": "https://bugzilla.suse.com/646906" }, { "category": "external", "summary": "SUSE Bug 648140 for CVE-2009-3555", "url": "https://bugzilla.suse.com/648140" }, { "category": "external", "summary": "SUSE Bug 648950 for CVE-2009-3555", "url": "https://bugzilla.suse.com/648950" }, { "category": "external", "summary": "SUSE Bug 659926 for CVE-2009-3555", "url": "https://bugzilla.suse.com/659926" }, { "category": "external", "summary": "SUSE Bug 670152 for CVE-2009-3555", "url": "https://bugzilla.suse.com/670152" }, { "category": "external", "summary": "SUSE Bug 704832 for CVE-2009-3555", "url": "https://bugzilla.suse.com/704832" }, { "category": "external", "summary": "SUSE Bug 728876 for CVE-2009-3555", "url": "https://bugzilla.suse.com/728876" }, { "category": "external", "summary": "SUSE Bug 729181 for CVE-2009-3555", "url": "https://bugzilla.suse.com/729181" }, { "category": "external", "summary": "SUSE Bug 753357 for CVE-2009-3555", "url": "https://bugzilla.suse.com/753357" }, { "category": "external", "summary": "SUSE Bug 791794 for CVE-2009-3555", "url": "https://bugzilla.suse.com/791794" }, { "category": "external", "summary": "SUSE Bug 799454 for CVE-2009-3555", "url": "https://bugzilla.suse.com/799454" }, { "category": "external", "summary": "SUSE Bug 815621 for CVE-2009-3555", "url": "https://bugzilla.suse.com/815621" }, { "category": "external", "summary": "SUSE Bug 905347 for CVE-2009-3555", "url": "https://bugzilla.suse.com/905347" }, { "category": "external", "summary": "SUSE Bug 979060 for CVE-2009-3555", "url": "https://bugzilla.suse.com/979060" }, { "category": "external", "summary": "SUSE Bug 986238 for CVE-2009-3555", "url": "https://bugzilla.suse.com/986238" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2009-3555" }, { "cve": "CVE-2009-3979", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-3979" } ], "notes": [ { "category": "general", "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-3979", "url": "https://www.suse.com/security/cve/CVE-2009-3979" }, { "category": "external", "summary": "SUSE Bug 559807 for CVE-2009-3979", "url": "https://bugzilla.suse.com/559807" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2009-3979" }, { "cve": "CVE-2009-3983", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-3983" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-3983", "url": "https://www.suse.com/security/cve/CVE-2009-3983" }, { "category": "external", "summary": "SUSE Bug 559807 for CVE-2009-3983", "url": "https://bugzilla.suse.com/559807" }, { "category": "external", "summary": "SUSE Bug 590499 for CVE-2009-3983", "url": "https://bugzilla.suse.com/590499" }, { "category": "external", "summary": "SUSE Bug 607935 for CVE-2009-3983", "url": "https://bugzilla.suse.com/607935" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2009-3983" }, { "cve": "CVE-2009-3984", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2009-3984" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SSL indicator for an http URL or a file URL by setting document.location to an https URL corresponding to a site that responds with a No Content (aka 204) status code and an empty body.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2009-3984", "url": "https://www.suse.com/security/cve/CVE-2009-3984" }, { "category": "external", "summary": "SUSE Bug 559807 for CVE-2009-3984", "url": "https://bugzilla.suse.com/559807" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2009-3984" }, { "cve": "CVE-2010-0164", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2010-0164" } ], "notes": [ { "category": "general", "text": "Use-after-free vulnerability in the imgContainer::InternalAddFrameHelper function in src/imgContainer.cpp in libpr0n in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace animation in which the frames have different bits-per-pixel (bpp) values.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2010-0164", "url": "https://www.suse.com/security/cve/CVE-2010-0164" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2010-0164" }, { "cve": "CVE-2010-0165", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2010-0165" } ], "notes": [ { "category": "general", "text": "The TraceRecorder::traverseScopeChain function in js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors involving certain indirect calls to the JavaScript eval function.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2010-0165", "url": "https://www.suse.com/security/cve/CVE-2010-0165" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2010-0165" }, { "cve": "CVE-2010-0168", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2010-0168" } ], "notes": [ { "category": "general", "text": "The nsDocument::MaybePreLoadImage function in content/base/src/nsDocument.cpp in the image-preloading implementation in Mozilla Firefox 3.6 before 3.6.2 does not apply scheme restrictions and policy restrictions to the image\u0027s URL, which might allow remote attackers to cause a denial of service (application crash or hang) or hijack the functionality of the browser\u0027s add-ons via a crafted SRC attribute of an IMG element, as demonstrated by remote command execution through an ssh: URL in a configuration that supports gnome-vfs with a nonstandard network.gnomevfs.supported-protocols setting.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2010-0168", "url": "https://www.suse.com/security/cve/CVE-2010-0168" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "important" } ], "title": "CVE-2010-0168" }, { "cve": "CVE-2010-0169", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2010-0169" } ], "notes": [ { "category": "general", "text": "The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to the XUL cache, which might allow remote attackers to modify the browser\u0027s font and other CSS attributes, and potentially disrupt rendering of a web page, by forcing the browser to perform this erroneous stylesheet caching.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2010-0169", "url": "https://www.suse.com/security/cve/CVE-2010-0169" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2010-0169" }, { "cve": "CVE-2010-0170", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2010-0170" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox 3.6 before 3.6.2 does not offer plugins the expected window.location protection mechanism, which might allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors that are specific to each affected plugin.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2010-0170", "url": "https://www.suse.com/security/cve/CVE-2010-0170" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2010-0170" }, { "cve": "CVE-2010-0171", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2010-0171" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allow remote attackers to perform cross-origin keystroke capture, and possibly conduct cross-site scripting (XSS) attacks, by using the addEventListener and setTimeout functions in conjunction with a wrapped object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2007-3736.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2010-0171", "url": "https://www.suse.com/security/cve/CVE-2010-0171" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2010-0171" }, { "cve": "CVE-2010-0172", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2010-0172" } ], "notes": [ { "category": "general", "text": "toolkit/components/passwordmgr/src/nsLoginManagerPrompter.js in the asynchronous Authorization Prompt implementation in Mozilla Firefox 3.6 before 3.6.2 does not properly handle concurrent authorization requests from multiple web sites, which might allow remote web servers to spoof an authorization dialog and capture credentials by demanding HTTP authentication in opportunistic circumstances.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2010-0172", "url": "https://www.suse.com/security/cve/CVE-2010-0172" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2010-0172" }, { "cve": "CVE-2010-0173", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2010-0173" } ], "notes": [ { "category": "general", "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2010-0173", "url": "https://www.suse.com/security/cve/CVE-2010-0173" }, { "category": "external", "summary": "SUSE Bug 586567 for CVE-2010-0173", "url": "https://bugzilla.suse.com/586567" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2010-0173" }, { "cve": "CVE-2010-0176", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2010-0176" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execute arbitrary code via unspecified vectors that trigger access to deleted elements, related to a \"dangling pointer vulnerability.\"", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2010-0176", "url": "https://www.suse.com/security/cve/CVE-2010-0176" }, { "category": "external", "summary": "SUSE Bug 586567 for CVE-2010-0176", "url": "https://bugzilla.suse.com/586567" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2010-0176" }, { "cve": "CVE-2010-0177", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2010-0177" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a \"dangling pointer vulnerability.\"", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2010-0177", "url": "https://www.suse.com/security/cve/CVE-2010-0177" }, { "category": "external", "summary": "SUSE Bug 586567 for CVE-2010-0177", "url": "https://bugzilla.suse.com/586567" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "critical" } ], "title": "CVE-2010-0177" }, { "cve": "CVE-2010-0178", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2010-0178" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL and then loading a javascript: URL.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2010-0178", "url": "https://www.suse.com/security/cve/CVE-2010-0178" }, { "category": "external", "summary": "SUSE Bug 586567 for CVE-2010-0178", "url": "https://bugzilla.suse.com/586567" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "important" } ], "title": "CVE-2010-0178" }, { "cve": "CVE-2010-0181", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2010-0181" } ], "notes": [ { "category": "general", "text": "Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many images.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2010-0181", "url": "https://www.suse.com/security/cve/CVE-2010-0181" }, { "category": "external", "summary": "SUSE Bug 586567 for CVE-2010-0181", "url": "https://bugzilla.suse.com/586567" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-12-12T00:00:00Z", "details": "moderate" } ], "title": "CVE-2010-0181" }, { "cve": "CVE-2010-0182", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2010-0182" } ], "notes": [ { "category": "general", "text": "The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows attackers to bypass intended access restrictions via crafted content.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x", "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64", "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",