Vulnerability-Lookup

CVE-2024-6608 (GCVE-0-2024-6608)

Vulnerability from cvelistv5 – Published: 2024-07-09 14:25 – Updated: 2025-10-30 16:14

Title

Cursor could be moved out of the viewport using pointerlock.

Summary

It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox < 128 and Thunderbird < 128.

Severity ?

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

CWE

CWE-noinfo Not enough information

Assigner

mozilla

References

3 references

URL	Tags
https://bugzilla.mozilla.org/show_bug.cgi?id=1743329
https://www.mozilla.org/security/advisories/mfsa2…
https://www.mozilla.org/security/advisories/mfsa2…

Impacted products

2 products

Vendor	Product	Version
Mozilla	Firefox	Affected: unspecified , < 128 (custom)
Mozilla	Thunderbird	Affected: unspecified , < 128 (custom)

Credits

Irvan Kurniawan

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-6608",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-09T15:06:03.249641Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 4.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
              "version": "3.1"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-25T16:10:43.127Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:41:04.019Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1743329"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2024-29/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Firefox",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "128",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Thunderbird",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "128",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Irvan Kurniawan"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128."
            }
          ],
          "value": "It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-30T16:14:36.591Z",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1743329"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2024-29/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/"
        }
      ],
      "title": "Cursor could be moved out of the viewport using pointerlock."
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2024-6608",
    "datePublished": "2024-07-09T14:25:58.862Z",
    "dateReserved": "2024-07-09T14:12:56.991Z",
    "dateUpdated": "2025-10-30T16:14:36.591Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-6608",
      "date": "2026-05-19",
      "epss": "0.00121",
      "percentile": "0.30591"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"128.0\", \"matchCriteriaId\": \"540E6900-1ECF-4138-9ABB-C3CC81FCF47B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"128.0\", \"matchCriteriaId\": \"F38B1ACE-990E-429F-BFA5-07EE4475D0F6\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.\"}, {\"lang\": \"es\", \"value\": \"Era posible mover el cursor usando el bloqueo del puntero desde un iframe. Esto permiti\\u00f3 mover el cursor fuera de la ventana gr\\u00e1fica y de la ventana de Firefox. Esta vulnerabilidad afecta a Firefox \u0026lt; 128.\"}]",
      "id": "CVE-2024-6608",
      "lastModified": "2024-11-21T09:49:59.243",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L\", \"baseScore\": 4.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 1.4}]}",
      "published": "2024-07-09T15:15:12.863",
      "references": "[{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1743329\", \"source\": \"security@mozilla.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-29/\", \"source\": \"security@mozilla.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-32/\", \"source\": \"security@mozilla.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1743329\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-29/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-32/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "security@mozilla.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-6608\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2024-07-09T15:15:12.863\",\"lastModified\":\"2025-03-25T17:16:12.607\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.\"},{\"lang\":\"es\",\"value\":\"Era posible mover el cursor usando el bloqueo del puntero desde un iframe. Esto permiti\u00f3 mover el cursor fuera de la ventana gr\u00e1fica y de la ventana de Firefox. Esta vulnerabilidad afecta a Firefox \u0026lt; 128.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"128.0\",\"matchCriteriaId\":\"540E6900-1ECF-4138-9ABB-C3CC81FCF47B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"128.0\",\"matchCriteriaId\":\"F38B1ACE-990E-429F-BFA5-07EE4475D0F6\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1743329\",\"source\":\"security@mozilla.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2024-29/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2024-32/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1743329\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2024-29/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2024-32/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1743329\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-29/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-32/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T21:41:04.019Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-6608\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-09T15:06:03.249641Z\"}}}, {\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-09T15:06:11.666Z\"}}], \"cna\": {\"title\": \"Cursor could be moved out of the viewport using pointerlock.\", \"credits\": [{\"lang\": \"en\", \"value\": \"Irvan Kurniawan\"}], \"affected\": [{\"vendor\": \"Mozilla\", \"product\": \"Firefox\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"128\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Mozilla\", \"product\": \"Thunderbird\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"128\", \"versionType\": \"custom\"}]}], \"references\": [{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1743329\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-29/\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-32/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"f16b083a-5664-49f3-a51e-8d479e5ed7fe\", \"shortName\": \"mozilla\", \"dateUpdated\": \"2025-10-30T16:14:36.591Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-6608\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-30T16:14:36.591Z\", \"dateReserved\": \"2024-07-09T14:12:56.991Z\", \"assignerOrgId\": \"f16b083a-5664-49f3-a51e-8d479e5ed7fe\", \"datePublished\": \"2024-07-09T14:25:58.862Z\", \"assignerShortName\": \"mozilla\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTFR-2024-AVI-0555

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Mozilla. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Mozilla	N/A	Firefox versions antérieures à 128
	Mozilla	N/A	Firefox ESR versions antérieures à 115.13

References

Title

Publication Time

Tags

Bulletin de sécurité Mozilla mfsa2024-29	2024-07-09	vendor-advisory
Bulletin de sécurité Mozilla mfsa2024-30	2024-07-09	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Firefox versions ant\u00e9rieures \u00e0 128",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    },
    {
      "description": "Firefox ESR versions ant\u00e9rieures \u00e0 115.13",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-6601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6601"
    },
    {
      "name": "CVE-2024-6606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6606"
    },
    {
      "name": "CVE-2024-6603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6603"
    },
    {
      "name": "CVE-2024-6613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6613"
    },
    {
      "name": "CVE-2024-6608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6608"
    },
    {
      "name": "CVE-2024-6605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6605"
    },
    {
      "name": "CVE-2024-6614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6614"
    },
    {
      "name": "CVE-2024-6600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6600"
    },
    {
      "name": "CVE-2024-6611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6611"
    },
    {
      "name": "CVE-2024-6604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6604"
    },
    {
      "name": "CVE-2024-6602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6602"
    },
    {
      "name": "CVE-2024-6610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6610"
    },
    {
      "name": "CVE-2024-6612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6612"
    },
    {
      "name": "CVE-2024-6615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6615"
    },
    {
      "name": "CVE-2024-6607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6607"
    },
    {
      "name": "CVE-2024-6609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6609"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0555",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-07-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Mozilla. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mozilla",
  "vendor_advisories": [
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2024-29",
      "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29/"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2024-30",
      "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/"
    }
  ]
}

CERTFR-2024-AVI-0588

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Mozilla Thunderbird. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Mozilla	Thunderbird	Thunderbird versions antérieures à 115.13
	Mozilla	Thunderbird	Thunderbird versions antérieures à 128

References

Title

Publication Time

Tags

Bulletin de sécurité Mozilla mfsa2024-31	2024-07-15	vendor-advisory
Bulletin de sécurité Mozilla mfsa2024-32	2024-07-11	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Thunderbird versions ant\u00e9rieures \u00e0 115.13",
      "product": {
        "name": "Thunderbird",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    },
    {
      "description": "Thunderbird versions ant\u00e9rieures \u00e0 128",
      "product": {
        "name": "Thunderbird",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-6601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6601"
    },
    {
      "name": "CVE-2024-6606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6606"
    },
    {
      "name": "CVE-2024-6603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6603"
    },
    {
      "name": "CVE-2024-6613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6613"
    },
    {
      "name": "CVE-2024-6608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6608"
    },
    {
      "name": "CVE-2024-6614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6614"
    },
    {
      "name": "CVE-2024-6600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6600"
    },
    {
      "name": "CVE-2024-6611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6611"
    },
    {
      "name": "CVE-2024-6604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6604"
    },
    {
      "name": "CVE-2024-6602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6602"
    },
    {
      "name": "CVE-2024-6610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6610"
    },
    {
      "name": "CVE-2024-6612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6612"
    },
    {
      "name": "CVE-2024-6615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6615"
    },
    {
      "name": "CVE-2024-6607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6607"
    },
    {
      "name": "CVE-2024-6609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6609"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0588",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-07-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Mozilla Thunderbird. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Mozilla Thunderbird",
  "vendor_advisories": [
    {
      "published_at": "2024-07-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2024-31",
      "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/"
    },
    {
      "published_at": "2024-07-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2024-32",
      "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32/"
    }
  ]
}

CERTFR-2024-AVI-0555

Vulnerability from certfr_avis - Published: - Updated:

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Mozilla	N/A	Firefox versions antérieures à 128
	Mozilla	N/A	Firefox ESR versions antérieures à 115.13

References

Title

Publication Time

Tags

Bulletin de sécurité Mozilla mfsa2024-29	2024-07-09	vendor-advisory
Bulletin de sécurité Mozilla mfsa2024-30	2024-07-09	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Firefox versions ant\u00e9rieures \u00e0 128",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    },
    {
      "description": "Firefox ESR versions ant\u00e9rieures \u00e0 115.13",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-6601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6601"
    },
    {
      "name": "CVE-2024-6606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6606"
    },
    {
      "name": "CVE-2024-6603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6603"
    },
    {
      "name": "CVE-2024-6613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6613"
    },
    {
      "name": "CVE-2024-6608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6608"
    },
    {
      "name": "CVE-2024-6605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6605"
    },
    {
      "name": "CVE-2024-6614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6614"
    },
    {
      "name": "CVE-2024-6600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6600"
    },
    {
      "name": "CVE-2024-6611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6611"
    },
    {
      "name": "CVE-2024-6604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6604"
    },
    {
      "name": "CVE-2024-6602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6602"
    },
    {
      "name": "CVE-2024-6610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6610"
    },
    {
      "name": "CVE-2024-6612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6612"
    },
    {
      "name": "CVE-2024-6615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6615"
    },
    {
      "name": "CVE-2024-6607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6607"
    },
    {
      "name": "CVE-2024-6609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6609"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0555",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-07-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Mozilla. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mozilla",
  "vendor_advisories": [
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2024-29",
      "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29/"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2024-30",
      "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/"
    }
  ]
}

CERTFR-2024-AVI-0588

Vulnerability from certfr_avis - Published: - Updated:

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Mozilla	Thunderbird	Thunderbird versions antérieures à 115.13
	Mozilla	Thunderbird	Thunderbird versions antérieures à 128

References

Title

Publication Time

Tags

Bulletin de sécurité Mozilla mfsa2024-31	2024-07-15	vendor-advisory
Bulletin de sécurité Mozilla mfsa2024-32	2024-07-11	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Thunderbird versions ant\u00e9rieures \u00e0 115.13",
      "product": {
        "name": "Thunderbird",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    },
    {
      "description": "Thunderbird versions ant\u00e9rieures \u00e0 128",
      "product": {
        "name": "Thunderbird",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-6601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6601"
    },
    {
      "name": "CVE-2024-6606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6606"
    },
    {
      "name": "CVE-2024-6603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6603"
    },
    {
      "name": "CVE-2024-6613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6613"
    },
    {
      "name": "CVE-2024-6608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6608"
    },
    {
      "name": "CVE-2024-6614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6614"
    },
    {
      "name": "CVE-2024-6600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6600"
    },
    {
      "name": "CVE-2024-6611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6611"
    },
    {
      "name": "CVE-2024-6604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6604"
    },
    {
      "name": "CVE-2024-6602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6602"
    },
    {
      "name": "CVE-2024-6610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6610"
    },
    {
      "name": "CVE-2024-6612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6612"
    },
    {
      "name": "CVE-2024-6615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6615"
    },
    {
      "name": "CVE-2024-6607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6607"
    },
    {
      "name": "CVE-2024-6609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6609"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0588",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-07-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Mozilla Thunderbird. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Mozilla Thunderbird",
  "vendor_advisories": [
    {
      "published_at": "2024-07-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2024-31",
      "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/"
    },
    {
      "published_at": "2024-07-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2024-32",
      "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32/"
    }
  ]
}

BDU:2024-09021

Vulnerability from fstec - Published: 09.07.2024

Title

Уязвимость веб-браузера Firefox, связанная с небезопасным внешним контролем за критическими данными состояния, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость веб-браузера Firefox связана с небезопасным внешним контролем за критическими данными состояния. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Vendor

ООО «РусБИТех-Астра», Mozilla Corp., АО "НППКТ"

Software Name

Astra Linux Special Edition (запись в едином реестре российских программ №369), Astra Linux Common Edition (запись в едином реестре российских программ №4433), Firefox, Thunderbird, ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913)

Software Version

1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), 1.6 «Смоленск» (Astra Linux Common Edition), до 128 (Firefox), до 128 (Thunderbird), до 2.12 (ОСОН ОСнова Оnyx)

Possible Mitigations

Для Firefox: использование рекомендаций производителя: https://www.mozilla.org/security/advisories/mfsa2024-29/ https://www.mozilla.org/security/advisories/mfsa2024-32/ Для ОС Astra Linux: обновить пакет firefox до 128.0+build2-0ubuntu0.20.04.1+ci202407111318+astra13 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16 Для ОС Astra Linux Special Edition 4.7: использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47 Для ОС Astra Linux: обновить пакет firefox до 131.0.2+build1-0ubuntu0.20.04.1~mt1+ci202410111226+astra13 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-1108SE17MD Обновление программного обеспечения firefox-esr до версии 128.6.0esr+repack-1~deb11u3.osnova2u1 Обновление программного обеспечения thunderbird до версии 1:128.6.0esr+repack-1~deb11u1.osnova2u1

Reference

https://bugzilla.mozilla.org/show_bug.cgi?id=1743329 https://nvd.nist.gov/vuln/detail/CVE-2024-6608 https://security-tracker.debian.org/tracker/CVE-2024-6608 https://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16 https://www.mozilla.org/en-US/security/advisories/mfsa2024-29/ https://www.mozilla.org/security/advisories/mfsa2024-29/ https://www.mozilla.org/security/advisories/mfsa2024-32/ https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47 https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-1108SE17MD https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.12/ https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.12/

CWE

CWE-642

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Mozilla Corp., \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\"",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Common Edition), \u0434\u043e 128 (Firefox), \u0434\u043e 128 (Thunderbird), \u0434\u043e 2.12 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0414\u043b\u044f Firefox:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://www.mozilla.org/security/advisories/mfsa2024-29/\nhttps://www.mozilla.org/security/advisories/mfsa2024-32/\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 firefox \u0434\u043e 128.0+build2-0ubuntu0.20.04.1+ci202407111318+astra13 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux Special Edition 4.7:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 firefox \u0434\u043e 131.0.2+build1-0ubuntu0.20.04.1~mt1+ci202410111226+astra13 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-1108SE17MD\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f firefox-esr \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 128.6.0esr+repack-1~deb11u3.osnova2u1\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f thunderbird \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 1:128.6.0esr+repack-1~deb11u1.osnova2u1",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "09.07.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "21.03.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "07.11.2024",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-09021",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-6608",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Astra Linux Common Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164433), Firefox, Thunderbird, \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 ARM (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Common Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164433), \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.12  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0435\u0431-\u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 Firefox, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u043c \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0435\u043c \u0437\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044f, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0412\u043d\u0435\u0448\u043d\u0438\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u0437\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044f (CWE-642)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0435\u0431-\u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 Firefox \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u043c \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0435\u043c \u0437\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://bugzilla.mozilla.org/show_bug.cgi?id=1743329\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-6608\nhttps://security-tracker.debian.org/tracker/CVE-2024-6608\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2024-29/\nhttps://www.mozilla.org/security/advisories/mfsa2024-29/\nhttps://www.mozilla.org/security/advisories/mfsa2024-32/\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-1108SE17MD\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.12/\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.12/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-642",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,3)"
}

CNVD-2024-36722

Vulnerability from cnvd - Published: 2024-08-30

Title

Mozilla Firefox和Thunderbird安全绕过漏洞（CNVD-2024-36722）

Description

Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Mozilla Firefox存在安全漏洞，该漏洞是由于使用iframe中的pointerlock移动光标时出错造成的。攻击者可利用该漏洞绕过安全限制。

Severity

高

Patch Name

Mozilla Firefox和Thunderbird安全绕过漏洞（CNVD-2024-36722）的补丁

Patch Description

Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Mozilla Firefox存在安全漏洞，该漏洞是由于使用iframe中的pointerlock移动光标时出错造成的。攻击者可利用该漏洞绕过安全限制。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.mozilla.org/security/advisories/mfsa2024-29/

Reference

https://bugzilla.mozilla.org/show_bug.cgi?id=1743329

Impacted products

Name
['Mozilla Firefox <128', 'mozilla Thunderbird < 128']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-6608",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-6608"
    }
  },
  "description": "Mozilla Firefox\u662f\u7f8e\u56fdMozilla\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u5f00\u6e90Web\u6d4f\u89c8\u5668\u3002\n\nMozilla Firefox\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8e\u4f7f\u7528iframe\u4e2d\u7684pointerlock\u79fb\u52a8\u5149\u6807\u65f6\u51fa\u9519\u9020\u6210\u7684\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u5b89\u5168\u9650\u5236\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.mozilla.org/security/advisories/mfsa2024-29/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-36722",
  "openTime": "2024-08-30",
  "patchDescription": "Mozilla Firefox\u662f\u7f8e\u56fdMozilla\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u5f00\u6e90Web\u6d4f\u89c8\u5668\u3002\r\n\r\nMozilla Firefox\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8e\u4f7f\u7528iframe\u4e2d\u7684pointerlock\u79fb\u52a8\u5149\u6807\u65f6\u51fa\u9519\u9020\u6210\u7684\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u5b89\u5168\u9650\u5236\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Mozilla Firefox\u548cThunderbird\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\uff08CNVD-2024-36722\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Mozilla Firefox \u003c128",
      "mozilla Thunderbird \u003c 128"
    ]
  },
  "referenceLink": "https://bugzilla.mozilla.org/show_bug.cgi?id=1743329",
  "serverity": "\u9ad8",
  "submitTime": "2024-07-12",
  "title": "Mozilla Firefox\u548cThunderbird\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\uff08CNVD-2024-36722\uff09"
}

FKIE_CVE-2024-6608

Vulnerability from fkie_nvd - Published: 2024-07-09 15:15 - Updated: 2025-03-25 17:16

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Summary

References

URL	Tags
security@mozilla.org	https://bugzilla.mozilla.org/show_bug.cgi?id=1743329	Issue Tracking
security@mozilla.org	https://www.mozilla.org/security/advisories/mfsa2024-29/	Vendor Advisory
security@mozilla.org	https://www.mozilla.org/security/advisories/mfsa2024-32/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=1743329	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://www.mozilla.org/security/advisories/mfsa2024-29/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.mozilla.org/security/advisories/mfsa2024-32/	Vendor Advisory

Impacted products

	Vendor	Product	Version
	mozilla	firefox	*
	mozilla	thunderbird	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "540E6900-1ECF-4138-9ABB-C3CC81FCF47B",
              "versionEndExcluding": "128.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F38B1ACE-990E-429F-BFA5-07EE4475D0F6",
              "versionEndExcluding": "128.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128."
    },
    {
      "lang": "es",
      "value": "Era posible mover el cursor usando el bloqueo del puntero desde un iframe. Esto permiti\u00f3 mover el cursor fuera de la ventana gr\u00e1fica y de la ventana de Firefox. Esta vulnerabilidad afecta a Firefox \u0026lt; 128."
    }
  ],
  "id": "CVE-2024-6608",
  "lastModified": "2025-03-25T17:16:12.607",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-07-09T15:15:12.863",
  "references": [
    {
      "source": "security@mozilla.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1743329"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2024-29/"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1743329"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2024-29/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/"
    }
  ],
  "sourceIdentifier": "security@mozilla.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-VR96-9XQ4-Q4JP

Vulnerability from github – Published: 2024-07-09 15:30 – Updated: 2024-08-29 21:31

Details

It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox < 128.

Severity ?

4.3 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-6608"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-09T15:15:12Z",
    "severity": "MODERATE"
  },
  "details": "It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox \u003c 128.",
  "id": "GHSA-vr96-9xq4-q4jp",
  "modified": "2024-08-29T21:31:03Z",
  "published": "2024-07-09T15:30:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6608"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1743329"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2024-29"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2024-32"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

MSRC_CVE-2024-6608

Vulnerability from csaf_microsoft - Published: 2024-07-01 07:00 - Updated: 2026-02-18 02:30

Summary

Notes

Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

CVE-2024-6608

Affected products

Known not affected 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 17084-1		—

References

4 references

URL	Category
https://msrc.microsoft.com/csaf/vex/2024/msrc_cve…	self
https://support.microsoft.com/lifecycle	external
https://www.first.org/cvss	external
https://msrc.microsoft.com/csaf/vex/2024/msrc_cve…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2024-6608 It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128. - VEX",
        "url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-6608.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
    "tracking": {
      "current_release_date": "2026-02-18T02:30:11.000Z",
      "generator": {
        "date": "2026-02-18T10:54:58.497Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2024-6608",
      "initial_release_date": "2024-07-01T07:00:00.000Z",
      "revision_history": [
        {
          "date": "2025-09-03T23:24:05.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        },
        {
          "date": "2026-02-18T02:30:11.000Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "3.0",
                "product": {
                  "name": "Azure Linux 3.0",
                  "product_id": "17084"
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          },
          {
            "category": "product_name",
            "name": "azl3 mozjs 102.15.1-1",
            "product": {
              "name": "azl3 mozjs 102.15.1-1",
              "product_id": "1"
            }
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 mozjs 102.15.1-1 as a component of Azure Linux 3.0",
          "product_id": "17084-1"
        },
        "product_reference": "1",
        "relates_to_product_reference": "17084"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-6608",
      "flags": [
        {
          "label": "component_not_present",
          "product_ids": [
            "17084-1"
          ]
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "mozilla",
          "title": "Assigning CNA"
        }
      ],
      "product_status": {
        "known_not_affected": [
          "17084-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-6608 It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128. - VEX",
          "url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-6608.json"
        }
      ],
      "title": "It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128."
    }
  ]
}

OPENSUSE-SU-2024:14197-1

Vulnerability from csaf_opensuse - Published: 2024-07-17 00:00 - Updated: 2024-07-17 00:00

Summary

MozillaFirefox-128.0-1.1 on GA media

Severity

Moderate

Notes

Title of the patch: MozillaFirefox-128.0-1.1 on GA media

Description of the patch: These are all security issues fixed in the MozillaFirefox-128.0-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-14197

CVE-2024-6600

6.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-6601

4.7 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-6602

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-6603

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-6604

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-6605

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-6606

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:L

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-6607

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-6608

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-6609

4.7 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-6610

4.7 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-6611

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-6612

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-6613

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-6614

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-6615

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64	—	Vendor Fix

Threats

Impact important

References

50 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2024-6600/	self
https://www.suse.com/security/cve/CVE-2024-6601/	self
https://www.suse.com/security/cve/CVE-2024-6602/	self
https://www.suse.com/security/cve/CVE-2024-6603/	self
https://www.suse.com/security/cve/CVE-2024-6604/	self
https://www.suse.com/security/cve/CVE-2024-6605/	self
https://www.suse.com/security/cve/CVE-2024-6606/	self
https://www.suse.com/security/cve/CVE-2024-6607/	self
https://www.suse.com/security/cve/CVE-2024-6608/	self
https://www.suse.com/security/cve/CVE-2024-6609/	self
https://www.suse.com/security/cve/CVE-2024-6610/	self
https://www.suse.com/security/cve/CVE-2024-6611/	self
https://www.suse.com/security/cve/CVE-2024-6612/	self
https://www.suse.com/security/cve/CVE-2024-6613/	self
https://www.suse.com/security/cve/CVE-2024-6614/	self
https://www.suse.com/security/cve/CVE-2024-6615/	self
https://www.suse.com/security/cve/CVE-2024-6600	external
https://bugzilla.suse.com/1226316	external
https://www.suse.com/security/cve/CVE-2024-6601	external
https://bugzilla.suse.com/1226316	external
https://www.suse.com/security/cve/CVE-2024-6602	external
https://bugzilla.suse.com/1226316	external
https://www.suse.com/security/cve/CVE-2024-6603	external
https://bugzilla.suse.com/1226316	external
https://www.suse.com/security/cve/CVE-2024-6604	external
https://bugzilla.suse.com/1226316	external
https://www.suse.com/security/cve/CVE-2024-6605	external
https://bugzilla.suse.com/1226316	external
https://www.suse.com/security/cve/CVE-2024-6606	external
https://bugzilla.suse.com/1226316	external
https://www.suse.com/security/cve/CVE-2024-6607	external
https://bugzilla.suse.com/1226316	external
https://www.suse.com/security/cve/CVE-2024-6608	external
https://bugzilla.suse.com/1226316	external
https://www.suse.com/security/cve/CVE-2024-6609	external
https://bugzilla.suse.com/1226316	external
https://www.suse.com/security/cve/CVE-2024-6610	external
https://bugzilla.suse.com/1226316	external
https://www.suse.com/security/cve/CVE-2024-6611	external
https://bugzilla.suse.com/1226316	external
https://www.suse.com/security/cve/CVE-2024-6612	external
https://bugzilla.suse.com/1226316	external
https://www.suse.com/security/cve/CVE-2024-6613	external
https://bugzilla.suse.com/1226316	external
https://www.suse.com/security/cve/CVE-2024-6614	external
https://bugzilla.suse.com/1226316	external
https://www.suse.com/security/cve/CVE-2024-6615	external
https://bugzilla.suse.com/1226316	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "MozillaFirefox-128.0-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the MozillaFirefox-128.0-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-14197",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14197-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6600 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6600/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6601 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6601/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6602 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6602/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6603 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6603/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6604 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6604/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6605 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6605/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6606 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6606/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6607 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6607/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6608 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6608/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6609 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6609/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6610 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6610/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6611 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6611/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6612 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6612/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6613 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6613/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6614 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6614/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6615 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6615/"
      }
    ],
    "title": "MozillaFirefox-128.0-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-07-17T00:00:00Z",
      "generator": {
        "date": "2024-07-17T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:14197-1",
      "initial_release_date": "2024-07-17T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-07-17T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-128.0-1.1.aarch64",
                "product": {
                  "name": "MozillaFirefox-128.0-1.1.aarch64",
                  "product_id": "MozillaFirefox-128.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
                "product": {
                  "name": "MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
                  "product_id": "MozillaFirefox-branding-upstream-128.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-devel-128.0-1.1.aarch64",
                "product": {
                  "name": "MozillaFirefox-devel-128.0-1.1.aarch64",
                  "product_id": "MozillaFirefox-devel-128.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-common-128.0-1.1.aarch64",
                "product": {
                  "name": "MozillaFirefox-translations-common-128.0-1.1.aarch64",
                  "product_id": "MozillaFirefox-translations-common-128.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-other-128.0-1.1.aarch64",
                "product": {
                  "name": "MozillaFirefox-translations-other-128.0-1.1.aarch64",
                  "product_id": "MozillaFirefox-translations-other-128.0-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-128.0-1.1.ppc64le",
                "product": {
                  "name": "MozillaFirefox-128.0-1.1.ppc64le",
                  "product_id": "MozillaFirefox-128.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
                "product": {
                  "name": "MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
                  "product_id": "MozillaFirefox-branding-upstream-128.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-devel-128.0-1.1.ppc64le",
                "product": {
                  "name": "MozillaFirefox-devel-128.0-1.1.ppc64le",
                  "product_id": "MozillaFirefox-devel-128.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-common-128.0-1.1.ppc64le",
                "product": {
                  "name": "MozillaFirefox-translations-common-128.0-1.1.ppc64le",
                  "product_id": "MozillaFirefox-translations-common-128.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-other-128.0-1.1.ppc64le",
                "product": {
                  "name": "MozillaFirefox-translations-other-128.0-1.1.ppc64le",
                  "product_id": "MozillaFirefox-translations-other-128.0-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-128.0-1.1.s390x",
                "product": {
                  "name": "MozillaFirefox-128.0-1.1.s390x",
                  "product_id": "MozillaFirefox-128.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-branding-upstream-128.0-1.1.s390x",
                "product": {
                  "name": "MozillaFirefox-branding-upstream-128.0-1.1.s390x",
                  "product_id": "MozillaFirefox-branding-upstream-128.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-devel-128.0-1.1.s390x",
                "product": {
                  "name": "MozillaFirefox-devel-128.0-1.1.s390x",
                  "product_id": "MozillaFirefox-devel-128.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-common-128.0-1.1.s390x",
                "product": {
                  "name": "MozillaFirefox-translations-common-128.0-1.1.s390x",
                  "product_id": "MozillaFirefox-translations-common-128.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-other-128.0-1.1.s390x",
                "product": {
                  "name": "MozillaFirefox-translations-other-128.0-1.1.s390x",
                  "product_id": "MozillaFirefox-translations-other-128.0-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-128.0-1.1.x86_64",
                "product": {
                  "name": "MozillaFirefox-128.0-1.1.x86_64",
                  "product_id": "MozillaFirefox-128.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
                "product": {
                  "name": "MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
                  "product_id": "MozillaFirefox-branding-upstream-128.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-devel-128.0-1.1.x86_64",
                "product": {
                  "name": "MozillaFirefox-devel-128.0-1.1.x86_64",
                  "product_id": "MozillaFirefox-devel-128.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-common-128.0-1.1.x86_64",
                "product": {
                  "name": "MozillaFirefox-translations-common-128.0-1.1.x86_64",
                  "product_id": "MozillaFirefox-translations-common-128.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-other-128.0-1.1.x86_64",
                "product": {
                  "name": "MozillaFirefox-translations-other-128.0-1.1.x86_64",
                  "product_id": "MozillaFirefox-translations-other-128.0-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-128.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64"
        },
        "product_reference": "MozillaFirefox-128.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-128.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le"
        },
        "product_reference": "MozillaFirefox-128.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-128.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x"
        },
        "product_reference": "MozillaFirefox-128.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-128.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64"
        },
        "product_reference": "MozillaFirefox-128.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-branding-upstream-128.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64"
        },
        "product_reference": "MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-branding-upstream-128.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le"
        },
        "product_reference": "MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-branding-upstream-128.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x"
        },
        "product_reference": "MozillaFirefox-branding-upstream-128.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-branding-upstream-128.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64"
        },
        "product_reference": "MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-128.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64"
        },
        "product_reference": "MozillaFirefox-devel-128.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-128.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le"
        },
        "product_reference": "MozillaFirefox-devel-128.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-128.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x"
        },
        "product_reference": "MozillaFirefox-devel-128.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-128.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64"
        },
        "product_reference": "MozillaFirefox-devel-128.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-common-128.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64"
        },
        "product_reference": "MozillaFirefox-translations-common-128.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-common-128.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le"
        },
        "product_reference": "MozillaFirefox-translations-common-128.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-common-128.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x"
        },
        "product_reference": "MozillaFirefox-translations-common-128.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-common-128.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-common-128.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-other-128.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64"
        },
        "product_reference": "MozillaFirefox-translations-other-128.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-other-128.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le"
        },
        "product_reference": "MozillaFirefox-translations-other-128.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-other-128.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x"
        },
        "product_reference": "MozillaFirefox-translations-other-128.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-other-128.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-other-128.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-6600",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6600"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than 8192 ints in private shader memory on mac OS. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6600",
          "url": "https://www.suse.com/security/cve/CVE-2024-6600"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6600",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-07-17T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6600"
    },
    {
      "cve": "CVE-2024-6601",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6601"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6601",
          "url": "https://www.suse.com/security/cve/CVE-2024-6601"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6601",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-07-17T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6601"
    },
    {
      "cve": "CVE-2024-6602",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6602"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6602",
          "url": "https://www.suse.com/security/cve/CVE-2024-6602"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6602",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-07-17T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6602"
    },
    {
      "cve": "CVE-2024-6603",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6603"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6603",
          "url": "https://www.suse.com/security/cve/CVE-2024-6603"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6603",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-07-17T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6603"
    },
    {
      "cve": "CVE-2024-6604",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6604"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6604",
          "url": "https://www.suse.com/security/cve/CVE-2024-6604"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6604",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-07-17T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6604"
    },
    {
      "cve": "CVE-2024-6605",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6605"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Firefox Android allowed immediate interaction with permission prompts. This could be used for tapjacking. This vulnerability affects Firefox \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6605",
          "url": "https://www.suse.com/security/cve/CVE-2024-6605"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6605",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-07-17T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6605"
    },
    {
      "cve": "CVE-2024-6606",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6606"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Clipboard code failed to check the index on an array access. This could have led to an out-of-bounds read. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6606",
          "url": "https://www.suse.com/security/cve/CVE-2024-6606"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6606",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-07-17T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6606"
    },
    {
      "cve": "CVE-2024-6607",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6607"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a `\u0026lt;select\u0026gt;` element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6607",
          "url": "https://www.suse.com/security/cve/CVE-2024-6607"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6607",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-07-17T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6607"
    },
    {
      "cve": "CVE-2024-6608",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6608"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6608",
          "url": "https://www.suse.com/security/cve/CVE-2024-6608"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6608",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-07-17T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6608"
    },
    {
      "cve": "CVE-2024-6609",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6609"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6609",
          "url": "https://www.suse.com/security/cve/CVE-2024-6609"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6609",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-07-17T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6609"
    },
    {
      "cve": "CVE-2024-6610",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6610"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6610",
          "url": "https://www.suse.com/security/cve/CVE-2024-6610"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6610",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-07-17T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6610"
    },
    {
      "cve": "CVE-2024-6611",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6611"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A nested iframe, triggering a cross-site navigation, could send SameSite=Strict or Lax cookies. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6611",
          "url": "https://www.suse.com/security/cve/CVE-2024-6611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6611",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-07-17T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6611"
    },
    {
      "cve": "CVE-2024-6612",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6612"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch which leaked that a CSP violation happened. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6612",
          "url": "https://www.suse.com/security/cve/CVE-2024-6612"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6612",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-07-17T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6612"
    },
    {
      "cve": "CVE-2024-6613",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6613"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6613",
          "url": "https://www.suse.com/security/cve/CVE-2024-6613"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6613",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-07-17T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6613"
    },
    {
      "cve": "CVE-2024-6614",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6614"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6614",
          "url": "https://www.suse.com/security/cve/CVE-2024-6614"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6614",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-07-17T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6614"
    },
    {
      "cve": "CVE-2024-6615",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6615"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 127 and Thunderbird 127. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6615",
          "url": "https://www.suse.com/security/cve/CVE-2024-6615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6615",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-128.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-128.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-07-17T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6615"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-6608 (GCVE-0-2024-6608)

Solutions

Solutions

Solutions

Solutions

Tags

Sightings

Nomenclature