[ALPINE:CVE-2016-9895] firefox-esr vulnerability
Severity
Medium
Affected Packages
3
Fixed Packages
3
CVEs
1
[From CVE-2016-9895] Event handlers on "marquee" elements were executed despite a strict Content Security Policy (CSP) that disallowed inline JavaScript. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
Package | Affected Version |
---|---|
pkg:apk/alpine/firefox-esr?arch=x86_64&distro=alpine-3.4 | < 45.6.0 |
pkg:apk/alpine/firefox-esr?arch=x86&distro=alpine-3.4 | < 45.6.0 |
pkg:apk/alpine/firefox-esr?arch=armhf&distro=alpine-3.4 | < 45.6.0 |
Package | Fixed Version |
---|---|
pkg:apk/alpine/firefox-esr?arch=x86_64&distro=alpine-3.4 | = 45.6.0 |
pkg:apk/alpine/firefox-esr?arch=x86&distro=alpine-3.4 | = 45.6.0 |
pkg:apk/alpine/firefox-esr?arch=armhf&distro=alpine-3.4 | = 45.6.0 |
- ID
- ALPINE:CVE-2016-9895
- Severity
- medium
- URL
- https://security.alpinelinux.org/vuln/CVE-2016-9895
- Published
-
2018-06-11T21:29:01
(6 years ago) - Modified
-
2018-06-11T21:29:01
(6 years ago) - Rights
- Alpine Linux Security Team
- Other Advisories
-
- ASA-201612-15
- DSA-3734-1
- DSA-3757-1
- ELSA-2016-2946
- ELSA-2016-2973
- FREEBSD:512C0FFD-CD39-4DA4-B2DC-81FF4BA8E238
- GLSA-201701-15
- MFSA-2016-94
- MFSA-2016-95
- MFSA-2016-96
- openSUSE-SU-2016:3307-1
- openSUSE-SU-2016:3308-1
- RHSA-2016:2946
- RHSA-2016:2973
- SUSE-SU-2016:3210-1
- SUSE-SU-2016:3222-1
- SUSE-SU-2016:3223-1
- USN-3155-1
- USN-3165-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Fixed | pkg:apk/alpine/firefox-esr?arch=x86_64&distro=alpine-3.4 | alpine | firefox-esr | = 45.6.0 | alpine-3.4 | x86_64 | |
Affected | pkg:apk/alpine/firefox-esr?arch=x86_64&distro=alpine-3.4 | alpine | firefox-esr | < 45.6.0 | alpine-3.4 | x86_64 | |
Fixed | pkg:apk/alpine/firefox-esr?arch=x86&distro=alpine-3.4 | alpine | firefox-esr | = 45.6.0 | alpine-3.4 | x86 | |
Affected | pkg:apk/alpine/firefox-esr?arch=x86&distro=alpine-3.4 | alpine | firefox-esr | < 45.6.0 | alpine-3.4 | x86 | |
Fixed | pkg:apk/alpine/firefox-esr?arch=armhf&distro=alpine-3.4 | alpine | firefox-esr | = 45.6.0 | alpine-3.4 | armhf | |
Affected | pkg:apk/alpine/firefox-esr?arch=armhf&distro=alpine-3.4 | alpine | firefox-esr | < 45.6.0 | alpine-3.4 | armhf |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |