Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-6602 (GCVE-0-2024-6602)
Vulnerability from cvelistv5 – Published: 2024-07-09 14:25 – Updated: 2025-11-03 22:32
VLAI?
EPSS
Title
Memory corruption in NSS
Summary
A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
Severity ?
9.8 (Critical)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 128
(custom)
|
|
| Mozilla | Firefox ESR |
Affected:
unspecified , < 115.13
(custom)
|
|
| Mozilla | Thunderbird |
Affected:
unspecified , < 115.13
(custom)
|
|
| Mozilla | Thunderbird |
Affected:
unspecified , < 128
(custom)
|
Credits
Ronald Crane
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "firefox",
"vendor": "mozilla",
"versions": [
{
"lessThan": "128",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "firefox_esr",
"vendor": "mozilla",
"versions": [
{
"lessThan": "115.13",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-6602",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-09T16:54:31.956156Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-14T18:50:48.163Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T22:32:44.098Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1895032"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2024-29/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2024-30/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2024-31/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00028.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "128",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.13",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.13",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "128",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ronald Crane"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128."
}
],
"value": "A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128."
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T16:14:54.863Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1895032"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-29/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-30/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-31/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32/"
}
],
"title": "Memory corruption in NSS"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2024-6602",
"datePublished": "2024-07-09T14:25:57.026Z",
"dateReserved": "2024-07-09T14:12:56.296Z",
"dateUpdated": "2025-11-03T22:32:44.098Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-6602",
"date": "2026-05-20",
"epss": "0.00768",
"percentile": "0.73689"
},
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.\"}, {\"lang\": \"es\", \"value\": \"Una falta de coincidencia entre el asignador y el desasignador podr\\u00eda haber provocado da\\u00f1os en la memoria. Esta vulnerabilidad afecta a Firefox \u0026lt; 128 y Firefox ESR \u0026lt; 115.13.\"}]",
"id": "CVE-2024-6602",
"lastModified": "2024-11-26T14:15:21.740",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}]}",
"published": "2024-07-09T15:15:12.473",
"references": "[{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1895032\", \"source\": \"security@mozilla.org\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-29/\", \"source\": \"security@mozilla.org\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-30/\", \"source\": \"security@mozilla.org\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-31/\", \"source\": \"security@mozilla.org\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-32/\", \"source\": \"security@mozilla.org\"}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1895032\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-29/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-30/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-31/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-32/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Awaiting Analysis"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-6602\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2024-07-09T15:15:12.473\",\"lastModified\":\"2025-11-03T23:17:30.933\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.\"},{\"lang\":\"es\",\"value\":\"Una falta de coincidencia entre el asignador y el desasignador podr\u00eda haber provocado da\u00f1os en la memoria. Esta vulnerabilidad afecta a Firefox \u0026lt; 128 y Firefox ESR \u0026lt; 115.13.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*\",\"versionEndExcluding\":\"115.13\",\"matchCriteriaId\":\"B174E5D8-7E32-4C31-804C-6BA0CF4B1BF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"128.0\",\"matchCriteriaId\":\"540E6900-1ECF-4138-9ABB-C3CC81FCF47B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"115.13\",\"matchCriteriaId\":\"1D1AFF4D-05F4-42C8-93AE-DF09583E4569\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"116.0\",\"versionEndExcluding\":\"128.0\",\"matchCriteriaId\":\"B54A357A-8350-41CE-AF08-F7BE6E33CC44\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1895032\",\"source\":\"security@mozilla.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2024-29/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2024-30/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2024-31/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2024-32/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1895032\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/10/msg00028.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2024-29/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2024-30/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2024-31/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2024-32/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1895032\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-29/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-30/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-31/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-32/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T21:41:03.998Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-6602\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-09T16:54:31.956156Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\"], \"vendor\": \"mozilla\", \"product\": \"firefox\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"128\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*\"], \"vendor\": \"mozilla\", \"product\": \"firefox_esr\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"115.13\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-94\", \"description\": \"CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-10T20:14:20.327Z\"}}], \"cna\": {\"title\": \"Memory corruption in NSS\", \"credits\": [{\"lang\": \"en\", \"value\": \"Ronald Crane\"}], \"affected\": [{\"vendor\": \"Mozilla\", \"product\": \"Firefox\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"128\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Mozilla\", \"product\": \"Firefox ESR\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"115.13\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Mozilla\", \"product\": \"Thunderbird\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"115.13\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Mozilla\", \"product\": \"Thunderbird\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"128\", \"versionType\": \"custom\"}]}], \"references\": [{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1895032\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-29/\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-30/\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-31/\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-32/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"f16b083a-5664-49f3-a51e-8d479e5ed7fe\", \"shortName\": \"mozilla\", \"dateUpdated\": \"2025-10-30T16:14:54.863Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-6602\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-30T16:14:54.863Z\", \"dateReserved\": \"2024-07-09T14:12:56.296Z\", \"assignerOrgId\": \"f16b083a-5664-49f3-a51e-8d479e5ed7fe\", \"datePublished\": \"2024-07-09T14:25:57.026Z\", \"assignerShortName\": \"mozilla\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2024-AVI-0555
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Mozilla. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Firefox versions ant\u00e9rieures \u00e0 128",
"product": {
"name": "N/A",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox ESR versions ant\u00e9rieures \u00e0 115.13",
"product": {
"name": "N/A",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-6601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6601"
},
{
"name": "CVE-2024-6606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6606"
},
{
"name": "CVE-2024-6603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6603"
},
{
"name": "CVE-2024-6613",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6613"
},
{
"name": "CVE-2024-6608",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6608"
},
{
"name": "CVE-2024-6605",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6605"
},
{
"name": "CVE-2024-6614",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6614"
},
{
"name": "CVE-2024-6600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6600"
},
{
"name": "CVE-2024-6611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6611"
},
{
"name": "CVE-2024-6604",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6604"
},
{
"name": "CVE-2024-6602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6602"
},
{
"name": "CVE-2024-6610",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6610"
},
{
"name": "CVE-2024-6612",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6612"
},
{
"name": "CVE-2024-6615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6615"
},
{
"name": "CVE-2024-6607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6607"
},
{
"name": "CVE-2024-6609",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6609"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0555",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-07-10T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Mozilla. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mozilla",
"vendor_advisories": [
{
"published_at": "2024-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2024-29",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29/"
},
{
"published_at": "2024-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2024-30",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/"
}
]
}
CERTFR-2024-AVI-0588
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Mozilla Thunderbird. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Mozilla | Thunderbird | Thunderbird versions antérieures à 115.13 | ||
| Mozilla | Thunderbird | Thunderbird versions antérieures à 128 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 115.13",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 128",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-6601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6601"
},
{
"name": "CVE-2024-6606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6606"
},
{
"name": "CVE-2024-6603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6603"
},
{
"name": "CVE-2024-6613",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6613"
},
{
"name": "CVE-2024-6608",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6608"
},
{
"name": "CVE-2024-6614",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6614"
},
{
"name": "CVE-2024-6600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6600"
},
{
"name": "CVE-2024-6611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6611"
},
{
"name": "CVE-2024-6604",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6604"
},
{
"name": "CVE-2024-6602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6602"
},
{
"name": "CVE-2024-6610",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6610"
},
{
"name": "CVE-2024-6612",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6612"
},
{
"name": "CVE-2024-6615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6615"
},
{
"name": "CVE-2024-6607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6607"
},
{
"name": "CVE-2024-6609",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6609"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0588",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-07-17T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Mozilla Thunderbird. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Mozilla Thunderbird",
"vendor_advisories": [
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2024-31",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/"
},
{
"published_at": "2024-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2024-32",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32/"
}
]
}
CERTFR-2024-AVI-0555
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Mozilla. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Firefox versions ant\u00e9rieures \u00e0 128",
"product": {
"name": "N/A",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox ESR versions ant\u00e9rieures \u00e0 115.13",
"product": {
"name": "N/A",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-6601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6601"
},
{
"name": "CVE-2024-6606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6606"
},
{
"name": "CVE-2024-6603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6603"
},
{
"name": "CVE-2024-6613",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6613"
},
{
"name": "CVE-2024-6608",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6608"
},
{
"name": "CVE-2024-6605",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6605"
},
{
"name": "CVE-2024-6614",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6614"
},
{
"name": "CVE-2024-6600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6600"
},
{
"name": "CVE-2024-6611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6611"
},
{
"name": "CVE-2024-6604",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6604"
},
{
"name": "CVE-2024-6602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6602"
},
{
"name": "CVE-2024-6610",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6610"
},
{
"name": "CVE-2024-6612",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6612"
},
{
"name": "CVE-2024-6615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6615"
},
{
"name": "CVE-2024-6607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6607"
},
{
"name": "CVE-2024-6609",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6609"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0555",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-07-10T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Mozilla. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mozilla",
"vendor_advisories": [
{
"published_at": "2024-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2024-29",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29/"
},
{
"published_at": "2024-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2024-30",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/"
}
]
}
CERTFR-2024-AVI-0588
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Mozilla Thunderbird. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Mozilla | Thunderbird | Thunderbird versions antérieures à 115.13 | ||
| Mozilla | Thunderbird | Thunderbird versions antérieures à 128 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 115.13",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 128",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-6601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6601"
},
{
"name": "CVE-2024-6606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6606"
},
{
"name": "CVE-2024-6603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6603"
},
{
"name": "CVE-2024-6613",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6613"
},
{
"name": "CVE-2024-6608",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6608"
},
{
"name": "CVE-2024-6614",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6614"
},
{
"name": "CVE-2024-6600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6600"
},
{
"name": "CVE-2024-6611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6611"
},
{
"name": "CVE-2024-6604",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6604"
},
{
"name": "CVE-2024-6602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6602"
},
{
"name": "CVE-2024-6610",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6610"
},
{
"name": "CVE-2024-6612",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6612"
},
{
"name": "CVE-2024-6615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6615"
},
{
"name": "CVE-2024-6607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6607"
},
{
"name": "CVE-2024-6609",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6609"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0588",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-07-17T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Mozilla Thunderbird. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Mozilla Thunderbird",
"vendor_advisories": [
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2024-31",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/"
},
{
"published_at": "2024-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2024-32",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32/"
}
]
}
BDU:2024-06675
Vulnerability from fstec - Published: 09.07.2024
VLAI Severity ?
Title
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с неправильным ограничением операций в пределах буфера памяти, позволяющая нарушителю оказать влияние на работу системы
Description
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird связана с неправильным ограничением операций в пределах буфера памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, оказать влияние на работу системы
Severity ?
Vendor
ООО «Ред Софт», ООО «РусБИТех-Астра», АО «ИВК», Mozilla Corp., АО "НППКТ"
Software Name
РЕД ОС (запись в едином реестре российских программ №3751), Astra Linux Special Edition (запись в едином реестре российских программ №369), АЛЬТ СП 10, Firefox, Firefox ESR, Thunderbird, ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913)
Software Version
7.3 (РЕД ОС), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), - (АЛЬТ СП 10), до 128 (Firefox), до 115.13 (Firefox ESR), до 115.13 (Thunderbird), до 128 (Thunderbird), 1.8 (Astra Linux Special Edition), до 2.12 (ОСОН ОСнова Оnyx)
Possible Mitigations
Для программных продуктов Mozilla Corp.:
https://www.mozilla.org/security/advisories/mfsa2024-29/
https://www.mozilla.org/security/advisories/mfsa2024-30/
https://www.mozilla.org/security/advisories/mfsa2024-31/
https://www.mozilla.org/security/advisories/mfsa2024-32/
Для РедОС:
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
https://redos.red-soft.ru/support/secure/uyazvimosti/uyazvimost-nss-cve-2024-6602/?sphrase_id=715738
Для ОС Astra Linux:
- обновить пакет firefox до 131.0.2+build1-0ubuntu0.20.04.1~mt1+ci202410111226+astra13 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-1108SE17MD
- обновить пакет thunderbird до 1:115.16.0+build2-0ubuntu0.20.04.1~mt1+ci202410141259+astra2 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-1108SE17MD
Для ОС Альт 8 СП (релиз 10):
установка обновления из публичного репозитория программного средства
Обновление программного обеспечения thunderbird до версии 1:128.6.0esr+repack-1~deb11u1.osnova2u1
Обновление программного обеспечения firefox-esr до версии 128.6.0esr+repack-1~deb11u3.osnova2u1
Обновление программного обеспечения nss до версии 2:3.87.1-1+deb12u1.osnova3u1
Для ОС Astra Linux:
- обновить пакет firefox до 128.0+build2-0ubuntu0.20.04.1+ci202407111300+astra13 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0411SE18
- обновить пакет thunderbird до 1:115.16.2+build1-0ubuntu0.20.04.1~mt1+ci202410281051+astra2 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0411SE18
- обновить пакет nss до 2:3.103-1+ci2 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0411SE18
Для ОС Astra Linux:
- обновить пакет firefox до 131.0.2+build1-0ubuntu0.20.04.1~mt1+ci202410111226+astra13 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-0422SE47
- обновить пакет thunderbird до 1:115.16.0+build2-0ubuntu0.20.04.1~mt1+ci202410141704+astra2 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-0422SE47
- обновить пакет nss до 2:3.87.1-1.astra7 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-0422SE47
Reference
https://redos.red-soft.ru/support/secure/
https://www.mozilla.org/security/advisories/mfsa2024-29/
https://www.mozilla.org/security/advisories/mfsa2024-30/
https://www.mozilla.org/security/advisories/mfsa2024-31/
https://www.mozilla.org/security/advisories/mfsa2024-32/
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-1108SE17MD
https://altsp.su/obnovleniya-bezopasnosti/
https://redos.red-soft.ru/support/secure/uyazvimosti/uyazvimost-nss-cve-2024-6602/?sphrase_id=715738
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.12/
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.12/
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.12/
https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0411SE18
https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-0422SE47
CWE
CWE-119
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, Mozilla Corp., \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\"",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "7.3 (\u0420\u0415\u0414 \u041e\u0421), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), - (\u0410\u041b\u042c\u0422 \u0421\u041f 10), \u0434\u043e 128 (Firefox), \u0434\u043e 115.13 (Firefox ESR), \u0434\u043e 115.13 (Thunderbird), \u0434\u043e 128 (Thunderbird), 1.8 (Astra Linux Special Edition), \u0434\u043e 2.12 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Mozilla Corp.:\nhttps://www.mozilla.org/security/advisories/mfsa2024-29/ \nhttps://www.mozilla.org/security/advisories/mfsa2024-30/ \nhttps://www.mozilla.org/security/advisories/mfsa2024-31/ \nhttps://www.mozilla.org/security/advisories/mfsa2024-32/\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: \nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/\n\n\nhttps://redos.red-soft.ru/support/secure/uyazvimosti/uyazvimost-nss-cve-2024-6602/?sphrase_id=715738\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 firefox \u0434\u043e 131.0.2+build1-0ubuntu0.20.04.1~mt1+ci202410111226+astra13 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-1108SE17MD\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 thunderbird \u0434\u043e 1:115.16.0+build2-0ubuntu0.20.04.1~mt1+ci202410141259+astra2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-1108SE17MD\n\n\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0440\u0435\u043b\u0438\u0437 10): \n\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f thunderbird \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 1:128.6.0esr+repack-1~deb11u1.osnova2u1\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f firefox-esr \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 128.6.0esr+repack-1~deb11u3.osnova2u1\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f nss \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 2:3.87.1-1+deb12u1.osnova3u1\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 firefox \u0434\u043e 128.0+build2-0ubuntu0.20.04.1+ci202407111300+astra13 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0411SE18\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 thunderbird \u0434\u043e 1:115.16.2+build1-0ubuntu0.20.04.1~mt1+ci202410281051+astra2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0411SE18\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 nss \u0434\u043e 2:3.103-1+ci2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0411SE18\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 firefox \u0434\u043e 131.0.2+build1-0ubuntu0.20.04.1~mt1+ci202410111226+astra13 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-0422SE47\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 thunderbird \u0434\u043e 1:115.16.0+build2-0ubuntu0.20.04.1~mt1+ci202410141704+astra2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-0422SE47\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 nss \u0434\u043e 2:3.87.1-1.astra7 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-0422SE47",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "09.07.2024",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "06.05.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "04.09.2024",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-06675",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-6602",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "\u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041b\u042c\u0422 \u0421\u041f 10, Firefox, Firefox ESR, Thunderbird, \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u041b\u042c\u0422 \u0421\u041f 10 - , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.8 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.12 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432 Mozilla Firefox, Mozilla Firefox ESR, \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u0433\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u0430 Mozilla Thunderbird, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u043c \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435\u043c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 \u0432 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u0445 \u0431\u0443\u0444\u0435\u0440\u0430 \u043f\u0430\u043c\u044f\u0442\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043b\u0438\u044f\u043d\u0438\u0435 \u043d\u0430 \u0440\u0430\u0431\u043e\u0442\u0443 \u0441\u0438\u0441\u0442\u0435\u043c\u044b",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0412\u044b\u0445\u043e\u0434 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438 (CWE-119)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432 Mozilla Firefox, Mozilla Firefox ESR, \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u0433\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u0430 Mozilla Thunderbird \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u043c \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435\u043c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 \u0432 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u0445 \u0431\u0443\u0444\u0435\u0440\u0430 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043b\u0438\u044f\u043d\u0438\u0435 \u043d\u0430 \u0440\u0430\u0431\u043e\u0442\u0443 \u0441\u0438\u0441\u0442\u0435\u043c\u044b",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://redos.red-soft.ru/support/secure/\nhttps://www.mozilla.org/security/advisories/mfsa2024-29/\nhttps://www.mozilla.org/security/advisories/mfsa2024-30/\nhttps://www.mozilla.org/security/advisories/mfsa2024-31/\nhttps://www.mozilla.org/security/advisories/mfsa2024-32/\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-1108SE17MD\nhttps://altsp.su/obnovleniya-bezopasnosti/\nhttps://redos.red-soft.ru/support/secure/uyazvimosti/uyazvimost-nss-cve-2024-6602/?sphrase_id=715738\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.12/\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.12/\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.12/\nhttps://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0411SE18\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-0422SE47",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-119",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,4)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,1)"
}
CNVD-2024-34591
Vulnerability from cnvd - Published: 2024-08-06
VLAI Severity ?
Title
多款Mozilla产品代码执行漏洞(CNVD-2024-34591)
Description
Mozilla Firefox是一款开源Web浏览器。Mozilla Firefox ESR是Firefox(Web浏览器)的一个延长支持版本。Mozilla Thunderbird是一套从Mozilla Application Suite独立出来的电子邮件客户端软件。
多款Mozilla产品存在代码执行漏洞,该漏洞是由NSS中的内存破坏引起的。攻击者可利用该漏洞在系统上执行任意代码或造成拒绝服务。
Severity
低
Patch Name
多款Mozilla产品代码执行漏洞(CNVD-2024-34591)的补丁
Patch Description
Mozilla Firefox是一款开源Web浏览器。Mozilla Firefox ESR是Firefox(Web浏览器)的一个延长支持版本。Mozilla Thunderbird是一套从Mozilla Application Suite独立出来的电子邮件客户端软件。
多款Mozilla产品存在代码执行漏洞,该漏洞是由NSS中的内存破坏引起的。攻击者可利用该漏洞在系统上执行任意代码或造成拒绝服务。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新:
https://www.mozilla.org/security/advisories/mfsa2024-29/
https://www.mozilla.org/security/advisories/mfsa2024-30/
https://www.mozilla.org/security/advisories/mfsa2024-31/
https://www.mozilla.org/security/advisories/mfsa2024-32/
Reference
https://nvd.nist.gov/vuln/detail/CVE-2024-6602
Impacted products
| Name | ['Mozilla Firefox <128', 'Mozilla Firefox ESR <115.13', 'mozilla Thunderbird < 115.13', 'mozilla Thunderbird < 128'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2024-6602",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-6602"
}
},
"description": "Mozilla Firefox\u662f\u4e00\u6b3e\u5f00\u6e90Web\u6d4f\u89c8\u5668\u3002Mozilla Firefox ESR\u662fFirefox\uff08Web\u6d4f\u89c8\u5668\uff09\u7684\u4e00\u4e2a\u5ef6\u957f\u652f\u6301\u7248\u672c\u3002Mozilla Thunderbird\u662f\u4e00\u5957\u4eceMozilla Application Suite\u72ec\u7acb\u51fa\u6765\u7684\u7535\u5b50\u90ae\u4ef6\u5ba2\u6237\u7aef\u8f6f\u4ef6\u3002\n\n\u591a\u6b3eMozilla\u4ea7\u54c1\u5b58\u5728\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u662f\u7531NSS\u4e2d\u7684\u5185\u5b58\u7834\u574f\u5f15\u8d77\u7684\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\u6216\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.mozilla.org/security/advisories/mfsa2024-29/ \t\r\nhttps://www.mozilla.org/security/advisories/mfsa2024-30/ \t\r\nhttps://www.mozilla.org/security/advisories/mfsa2024-31/ \t\r\nhttps://www.mozilla.org/security/advisories/mfsa2024-32/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2024-34591",
"openTime": "2024-08-06",
"patchDescription": "Mozilla Firefox\u662f\u4e00\u6b3e\u5f00\u6e90Web\u6d4f\u89c8\u5668\u3002Mozilla Firefox ESR\u662fFirefox\uff08Web\u6d4f\u89c8\u5668\uff09\u7684\u4e00\u4e2a\u5ef6\u957f\u652f\u6301\u7248\u672c\u3002Mozilla Thunderbird\u662f\u4e00\u5957\u4eceMozilla Application Suite\u72ec\u7acb\u51fa\u6765\u7684\u7535\u5b50\u90ae\u4ef6\u5ba2\u6237\u7aef\u8f6f\u4ef6\u3002\r\n\r\n\u591a\u6b3eMozilla\u4ea7\u54c1\u5b58\u5728\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u662f\u7531NSS\u4e2d\u7684\u5185\u5b58\u7834\u574f\u5f15\u8d77\u7684\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\u6216\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "\u591a\u6b3eMozilla\u4ea7\u54c1\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CNVD-2024-34591\uff09\u7684\u8865\u4e01",
"products": {
"product": [
"Mozilla Firefox \u003c128",
"Mozilla Firefox ESR \u003c115.13",
"mozilla Thunderbird \u003c 115.13",
"mozilla Thunderbird \u003c 128"
]
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2024-6602",
"serverity": "\u4f4e",
"submitTime": "2024-07-12",
"title": "\u591a\u6b3eMozilla\u4ea7\u54c1\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CNVD-2024-34591\uff09"
}
FKIE_CVE-2024-6602
Vulnerability from fkie_nvd - Published: 2024-07-09 15:15 - Updated: 2025-11-03 23:17
Severity ?
Summary
A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox | * | |
| mozilla | thunderbird | * | |
| mozilla | thunderbird | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*",
"matchCriteriaId": "B174E5D8-7E32-4C31-804C-6BA0CF4B1BF0",
"versionEndExcluding": "115.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "540E6900-1ECF-4138-9ABB-C3CC81FCF47B",
"versionEndExcluding": "128.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D1AFF4D-05F4-42C8-93AE-DF09583E4569",
"versionEndExcluding": "115.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B54A357A-8350-41CE-AF08-F7BE6E33CC44",
"versionEndExcluding": "128.0",
"versionStartIncluding": "116.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128."
},
{
"lang": "es",
"value": "Una falta de coincidencia entre el asignador y el desasignador podr\u00eda haber provocado da\u00f1os en la memoria. Esta vulnerabilidad afecta a Firefox \u0026lt; 128 y Firefox ESR \u0026lt; 115.13."
}
],
"id": "CVE-2024-6602",
"lastModified": "2025-11-03T23:17:30.933",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-07-09T15:15:12.473",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1895032"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2024-29/"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2024-30/"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2024-31/"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1895032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2024-29/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2024-30/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2024-31/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32/"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
GHSA-V6R5-WP7H-CJ77
Vulnerability from github – Published: 2024-07-09 15:30 – Updated: 2025-11-04 00:30
VLAI?
Details
A mismatch between allocator and deallocator could have lead to memory corruption. This vulnerability affects Firefox < 128 and Firefox ESR < 115.13.
Severity ?
9.8 (Critical)
{
"affected": [],
"aliases": [
"CVE-2024-6602"
],
"database_specific": {
"cwe_ids": [
"CWE-94"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-09T15:15:12Z",
"severity": "CRITICAL"
},
"details": "A mismatch between allocator and deallocator could have lead to memory corruption. This vulnerability affects Firefox \u003c 128 and Firefox ESR \u003c 115.13.",
"id": "GHSA-v6r5-wp7h-cj77",
"modified": "2025-11-04T00:30:51Z",
"published": "2024-07-09T15:30:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6602"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1895032"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00028.html"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-29"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-30"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-31"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
OPENSUSE-SU-2024:14189-1
Vulnerability from csaf_opensuse - Published: 2024-07-15 00:00 - Updated: 2024-07-15 00:00Summary
MozillaThunderbird-115.13.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: MozillaThunderbird-115.13.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the MozillaThunderbird-115.13.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-14189
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.3 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.1 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.4 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
17 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "MozillaThunderbird-115.13.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the MozillaThunderbird-115.13.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-14189",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14189-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6600 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6600/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6601 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6602 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6603 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6603/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6604 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6604/"
}
],
"title": "MozillaThunderbird-115.13.0-1.1 on GA media",
"tracking": {
"current_release_date": "2024-07-15T00:00:00Z",
"generator": {
"date": "2024-07-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:14189-1",
"initial_release_date": "2024-07-15T00:00:00Z",
"revision_history": [
{
"date": "2024-07-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-115.13.0-1.1.aarch64",
"product": {
"name": "MozillaThunderbird-115.13.0-1.1.aarch64",
"product_id": "MozillaThunderbird-115.13.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64",
"product": {
"name": "MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64",
"product_id": "MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-115.13.0-1.1.aarch64",
"product": {
"name": "MozillaThunderbird-translations-common-115.13.0-1.1.aarch64",
"product_id": "MozillaThunderbird-translations-common-115.13.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-115.13.0-1.1.aarch64",
"product": {
"name": "MozillaThunderbird-translations-other-115.13.0-1.1.aarch64",
"product_id": "MozillaThunderbird-translations-other-115.13.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-115.13.0-1.1.ppc64le",
"product": {
"name": "MozillaThunderbird-115.13.0-1.1.ppc64le",
"product_id": "MozillaThunderbird-115.13.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le",
"product": {
"name": "MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le",
"product_id": "MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le",
"product": {
"name": "MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le",
"product_id": "MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le",
"product": {
"name": "MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le",
"product_id": "MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-115.13.0-1.1.s390x",
"product": {
"name": "MozillaThunderbird-115.13.0-1.1.s390x",
"product_id": "MozillaThunderbird-115.13.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x",
"product": {
"name": "MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x",
"product_id": "MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-115.13.0-1.1.s390x",
"product": {
"name": "MozillaThunderbird-translations-common-115.13.0-1.1.s390x",
"product_id": "MozillaThunderbird-translations-common-115.13.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-115.13.0-1.1.s390x",
"product": {
"name": "MozillaThunderbird-translations-other-115.13.0-1.1.s390x",
"product_id": "MozillaThunderbird-translations-other-115.13.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-115.13.0-1.1.x86_64",
"product": {
"name": "MozillaThunderbird-115.13.0-1.1.x86_64",
"product_id": "MozillaThunderbird-115.13.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64",
"product": {
"name": "MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64",
"product_id": "MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-115.13.0-1.1.x86_64",
"product": {
"name": "MozillaThunderbird-translations-common-115.13.0-1.1.x86_64",
"product_id": "MozillaThunderbird-translations-common-115.13.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-115.13.0-1.1.x86_64",
"product": {
"name": "MozillaThunderbird-translations-other-115.13.0-1.1.x86_64",
"product_id": "MozillaThunderbird-translations-other-115.13.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.13.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.aarch64"
},
"product_reference": "MozillaThunderbird-115.13.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.13.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.ppc64le"
},
"product_reference": "MozillaThunderbird-115.13.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.13.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.s390x"
},
"product_reference": "MozillaThunderbird-115.13.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.13.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.x86_64"
},
"product_reference": "MozillaThunderbird-115.13.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64"
},
"product_reference": "MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le"
},
"product_reference": "MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x"
},
"product_reference": "MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64"
},
"product_reference": "MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.13.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.aarch64"
},
"product_reference": "MozillaThunderbird-translations-common-115.13.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le"
},
"product_reference": "MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.13.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.s390x"
},
"product_reference": "MozillaThunderbird-translations-common-115.13.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.13.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-common-115.13.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.13.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.aarch64"
},
"product_reference": "MozillaThunderbird-translations-other-115.13.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le"
},
"product_reference": "MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.13.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.s390x"
},
"product_reference": "MozillaThunderbird-translations-other-115.13.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.13.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-other-115.13.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-6600",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6600"
}
],
"notes": [
{
"category": "general",
"text": "Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than 8192 ints in private shader memory on mac OS. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6600",
"url": "https://www.suse.com/security/cve/CVE-2024-6600"
},
{
"category": "external",
"summary": "SUSE Bug 1226316 for CVE-2024-6600",
"url": "https://bugzilla.suse.com/1226316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-6600"
},
{
"cve": "CVE-2024-6601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6601"
}
],
"notes": [
{
"category": "general",
"text": "A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6601",
"url": "https://www.suse.com/security/cve/CVE-2024-6601"
},
{
"category": "external",
"summary": "SUSE Bug 1226316 for CVE-2024-6601",
"url": "https://bugzilla.suse.com/1226316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-6601"
},
{
"cve": "CVE-2024-6602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6602"
}
],
"notes": [
{
"category": "general",
"text": "A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6602",
"url": "https://www.suse.com/security/cve/CVE-2024-6602"
},
{
"category": "external",
"summary": "SUSE Bug 1226316 for CVE-2024-6602",
"url": "https://bugzilla.suse.com/1226316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-6602"
},
{
"cve": "CVE-2024-6603",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6603"
}
],
"notes": [
{
"category": "general",
"text": "In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6603",
"url": "https://www.suse.com/security/cve/CVE-2024-6603"
},
{
"category": "external",
"summary": "SUSE Bug 1226316 for CVE-2024-6603",
"url": "https://bugzilla.suse.com/1226316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-6603"
},
{
"cve": "CVE-2024-6604",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6604"
}
],
"notes": [
{
"category": "general",
"text": "Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6604",
"url": "https://www.suse.com/security/cve/CVE-2024-6604"
},
{
"category": "external",
"summary": "SUSE Bug 1226316 for CVE-2024-6604",
"url": "https://bugzilla.suse.com/1226316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.13.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.13.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-6604"
}
]
}
OPENSUSE-SU-2024:14197-1
Vulnerability from csaf_opensuse - Published: 2024-07-17 00:00 - Updated: 2024-07-17 00:00Summary
MozillaFirefox-128.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: MozillaFirefox-128.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the MozillaFirefox-128.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-14197
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.1 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.4 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.2 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.4 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
50 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "MozillaFirefox-128.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the MozillaFirefox-128.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-14197",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14197-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6600 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6600/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6601 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6602 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6603 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6603/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6604 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6604/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6605 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6605/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6606 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6606/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6607 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6607/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6608 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6609 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6610 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6611 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6611/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6612 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6612/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6613 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6613/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6614 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6615 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6615/"
}
],
"title": "MozillaFirefox-128.0-1.1 on GA media",
"tracking": {
"current_release_date": "2024-07-17T00:00:00Z",
"generator": {
"date": "2024-07-17T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:14197-1",
"initial_release_date": "2024-07-17T00:00:00Z",
"revision_history": [
{
"date": "2024-07-17T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-128.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-128.0-1.1.aarch64",
"product_id": "MozillaFirefox-128.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"product_id": "MozillaFirefox-branding-upstream-128.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-128.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-devel-128.0-1.1.aarch64",
"product_id": "MozillaFirefox-devel-128.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-128.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-common-128.0-1.1.aarch64",
"product_id": "MozillaFirefox-translations-common-128.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-128.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-other-128.0-1.1.aarch64",
"product_id": "MozillaFirefox-translations-other-128.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-128.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-128.0-1.1.ppc64le",
"product_id": "MozillaFirefox-128.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"product_id": "MozillaFirefox-branding-upstream-128.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-128.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-devel-128.0-1.1.ppc64le",
"product_id": "MozillaFirefox-devel-128.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"product_id": "MozillaFirefox-translations-common-128.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"product_id": "MozillaFirefox-translations-other-128.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-128.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-128.0-1.1.s390x",
"product_id": "MozillaFirefox-128.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"product_id": "MozillaFirefox-branding-upstream-128.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-128.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-devel-128.0-1.1.s390x",
"product_id": "MozillaFirefox-devel-128.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-128.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-translations-common-128.0-1.1.s390x",
"product_id": "MozillaFirefox-translations-common-128.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-128.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-translations-other-128.0-1.1.s390x",
"product_id": "MozillaFirefox-translations-other-128.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-128.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-128.0-1.1.x86_64",
"product_id": "MozillaFirefox-128.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"product_id": "MozillaFirefox-branding-upstream-128.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-128.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-devel-128.0-1.1.x86_64",
"product_id": "MozillaFirefox-devel-128.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-128.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-common-128.0-1.1.x86_64",
"product_id": "MozillaFirefox-translations-common-128.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-128.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-other-128.0-1.1.x86_64",
"product_id": "MozillaFirefox-translations-other-128.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-128.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-128.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-128.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-128.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-128.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-128.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-128.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-128.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-128.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-128.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-128.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-128.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-128.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-devel-128.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-128.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-devel-128.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-128.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-devel-128.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-128.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-128.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-128.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-common-128.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-128.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-128.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-translations-common-128.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-128.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-128.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-128.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-other-128.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-128.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-128.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-translations-other-128.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-128.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-other-128.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-6600",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6600"
}
],
"notes": [
{
"category": "general",
"text": "Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than 8192 ints in private shader memory on mac OS. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6600",
"url": "https://www.suse.com/security/cve/CVE-2024-6600"
},
{
"category": "external",
"summary": "SUSE Bug 1226316 for CVE-2024-6600",
"url": "https://bugzilla.suse.com/1226316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-17T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-6600"
},
{
"cve": "CVE-2024-6601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6601"
}
],
"notes": [
{
"category": "general",
"text": "A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6601",
"url": "https://www.suse.com/security/cve/CVE-2024-6601"
},
{
"category": "external",
"summary": "SUSE Bug 1226316 for CVE-2024-6601",
"url": "https://bugzilla.suse.com/1226316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-17T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-6601"
},
{
"cve": "CVE-2024-6602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6602"
}
],
"notes": [
{
"category": "general",
"text": "A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6602",
"url": "https://www.suse.com/security/cve/CVE-2024-6602"
},
{
"category": "external",
"summary": "SUSE Bug 1226316 for CVE-2024-6602",
"url": "https://bugzilla.suse.com/1226316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-17T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-6602"
},
{
"cve": "CVE-2024-6603",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6603"
}
],
"notes": [
{
"category": "general",
"text": "In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6603",
"url": "https://www.suse.com/security/cve/CVE-2024-6603"
},
{
"category": "external",
"summary": "SUSE Bug 1226316 for CVE-2024-6603",
"url": "https://bugzilla.suse.com/1226316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-17T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-6603"
},
{
"cve": "CVE-2024-6604",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6604"
}
],
"notes": [
{
"category": "general",
"text": "Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6604",
"url": "https://www.suse.com/security/cve/CVE-2024-6604"
},
{
"category": "external",
"summary": "SUSE Bug 1226316 for CVE-2024-6604",
"url": "https://bugzilla.suse.com/1226316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-17T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-6604"
},
{
"cve": "CVE-2024-6605",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6605"
}
],
"notes": [
{
"category": "general",
"text": "Firefox Android allowed immediate interaction with permission prompts. This could be used for tapjacking. This vulnerability affects Firefox \u003c 128.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6605",
"url": "https://www.suse.com/security/cve/CVE-2024-6605"
},
{
"category": "external",
"summary": "SUSE Bug 1226316 for CVE-2024-6605",
"url": "https://bugzilla.suse.com/1226316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-17T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-6605"
},
{
"cve": "CVE-2024-6606",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6606"
}
],
"notes": [
{
"category": "general",
"text": "Clipboard code failed to check the index on an array access. This could have led to an out-of-bounds read. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6606",
"url": "https://www.suse.com/security/cve/CVE-2024-6606"
},
{
"category": "external",
"summary": "SUSE Bug 1226316 for CVE-2024-6606",
"url": "https://bugzilla.suse.com/1226316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-17T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-6606"
},
{
"cve": "CVE-2024-6607",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6607"
}
],
"notes": [
{
"category": "general",
"text": "It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a `\u0026lt;select\u0026gt;` element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6607",
"url": "https://www.suse.com/security/cve/CVE-2024-6607"
},
{
"category": "external",
"summary": "SUSE Bug 1226316 for CVE-2024-6607",
"url": "https://bugzilla.suse.com/1226316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-17T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-6607"
},
{
"cve": "CVE-2024-6608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6608"
}
],
"notes": [
{
"category": "general",
"text": "It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6608",
"url": "https://www.suse.com/security/cve/CVE-2024-6608"
},
{
"category": "external",
"summary": "SUSE Bug 1226316 for CVE-2024-6608",
"url": "https://bugzilla.suse.com/1226316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-17T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-6608"
},
{
"cve": "CVE-2024-6609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6609"
}
],
"notes": [
{
"category": "general",
"text": "When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6609",
"url": "https://www.suse.com/security/cve/CVE-2024-6609"
},
{
"category": "external",
"summary": "SUSE Bug 1226316 for CVE-2024-6609",
"url": "https://bugzilla.suse.com/1226316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-17T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-6609"
},
{
"cve": "CVE-2024-6610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6610"
}
],
"notes": [
{
"category": "general",
"text": "Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6610",
"url": "https://www.suse.com/security/cve/CVE-2024-6610"
},
{
"category": "external",
"summary": "SUSE Bug 1226316 for CVE-2024-6610",
"url": "https://bugzilla.suse.com/1226316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-17T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-6610"
},
{
"cve": "CVE-2024-6611",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6611"
}
],
"notes": [
{
"category": "general",
"text": "A nested iframe, triggering a cross-site navigation, could send SameSite=Strict or Lax cookies. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6611",
"url": "https://www.suse.com/security/cve/CVE-2024-6611"
},
{
"category": "external",
"summary": "SUSE Bug 1226316 for CVE-2024-6611",
"url": "https://bugzilla.suse.com/1226316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-17T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-6611"
},
{
"cve": "CVE-2024-6612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6612"
}
],
"notes": [
{
"category": "general",
"text": "CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch which leaked that a CSP violation happened. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6612",
"url": "https://www.suse.com/security/cve/CVE-2024-6612"
},
{
"category": "external",
"summary": "SUSE Bug 1226316 for CVE-2024-6612",
"url": "https://bugzilla.suse.com/1226316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-17T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-6612"
},
{
"cve": "CVE-2024-6613",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6613"
}
],
"notes": [
{
"category": "general",
"text": "The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6613",
"url": "https://www.suse.com/security/cve/CVE-2024-6613"
},
{
"category": "external",
"summary": "SUSE Bug 1226316 for CVE-2024-6613",
"url": "https://bugzilla.suse.com/1226316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-17T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-6613"
},
{
"cve": "CVE-2024-6614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6614"
}
],
"notes": [
{
"category": "general",
"text": "The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6614",
"url": "https://www.suse.com/security/cve/CVE-2024-6614"
},
{
"category": "external",
"summary": "SUSE Bug 1226316 for CVE-2024-6614",
"url": "https://bugzilla.suse.com/1226316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-17T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-6614"
},
{
"cve": "CVE-2024-6615",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6615"
}
],
"notes": [
{
"category": "general",
"text": "Memory safety bugs present in Firefox 127 and Thunderbird 127. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6615",
"url": "https://www.suse.com/security/cve/CVE-2024-6615"
},
{
"category": "external",
"summary": "SUSE Bug 1226316 for CVE-2024-6615",
"url": "https://bugzilla.suse.com/1226316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-17T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-6615"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…