[openSUSE-SU-2022:0821-1] Security update for MozillaFirefox
Severity
Important
Affected Packages
20
CVEs
5
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 91.7.0 ESR (bsc#1196900):
- CVE-2022-26383: Browser window spoof using fullscreen mode
- CVE-2022-26384: iframe allow-scripts sandbox bypass
- CVE-2022-26387: Time-of-check time-of-use bug when verifying add-on signatures
- CVE-2022-26381: Use-after-free in text reflows
- CVE-2022-26386: Temporary files downloaded to /tmp and accessible by other local users
- ID
- openSUSE-SU-2022:0821-1
- Severity
- important
- URL
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6422VZTPHB75VR6MKMLREZ5FDX6SVNHY/
- Published
-
2022-03-14T13:52:47
(2 years ago) - Modified
-
2022-03-14T13:52:47
(2 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS2-2022-1779
- ALPINE:CVE-2022-26381
- ALPINE:CVE-2022-26383
- ALPINE:CVE-2022-26384
- ALPINE:CVE-2022-26386
- ALPINE:CVE-2022-26387
- ALSA-2022:0818
- ALSA-2022:0845
- DSA-5097-1
- DSA-5106-1
- ELSA-2022-0818
- ELSA-2022-0824
- ELSA-2022-0845
- ELSA-2022-0850
- GLSA-202208-08
- GLSA-202208-14
- MFSA-2022-10
- MFSA-2022-11
- MFSA-2022-12
- openSUSE-SU-2022:0906-1
- RHSA-2022:0818
- RHSA-2022:0824
- RHSA-2022:0845
- RHSA-2022:0850
- SSA:2022-068-01
- SUSE-SU-2022:0819-1
- SUSE-SU-2022:0821-1
- SUSE-SU-2022:0822-1
- SUSE-SU-2022:0906-1
- USN-5321-1
- USN-5321-2
- USN-5345-1
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2022_0821-1.json | |
Suse | URL for openSUSE-SU-2022:0821-1 | https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6422VZTPHB75VR6MKMLREZ5FDX6SVNHY/ | |
Suse | E-Mail link for openSUSE-SU-2022:0821-1 | https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6422VZTPHB75VR6MKMLREZ5FDX6SVNHY/ | |
Bugzilla | SUSE Bug 1196900 | https://bugzilla.suse.com/1196900 | |
CVE | SUSE CVE CVE-2022-26381 page | https://www.suse.com/security/cve/CVE-2022-26381/ | |
CVE | SUSE CVE CVE-2022-26383 page | https://www.suse.com/security/cve/CVE-2022-26383/ | |
CVE | SUSE CVE CVE-2022-26384 page | https://www.suse.com/security/cve/CVE-2022-26384/ | |
CVE | SUSE CVE CVE-2022-26386 page | https://www.suse.com/security/cve/CVE-2022-26386/ | |
CVE | SUSE CVE CVE-2022-26387 page | https://www.suse.com/security/cve/CVE-2022-26387/ |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/opensuse/MozillaFirefox?arch=x86_64&distro=opensuse-leap-15.3 | opensuse | MozillaFirefox | < 91.7.0-152.22.1 | opensuse-leap-15.3 | x86_64 | |
Affected | pkg:rpm/opensuse/MozillaFirefox?arch=s390x&distro=opensuse-leap-15.3 | opensuse | MozillaFirefox | < 91.7.0-152.22.1 | opensuse-leap-15.3 | s390x | |
Affected | pkg:rpm/opensuse/MozillaFirefox?arch=ppc64le&distro=opensuse-leap-15.3 | opensuse | MozillaFirefox | < 91.7.0-152.22.1 | opensuse-leap-15.3 | ppc64le | |
Affected | pkg:rpm/opensuse/MozillaFirefox?arch=aarch64&distro=opensuse-leap-15.3 | opensuse | MozillaFirefox | < 91.7.0-152.22.1 | opensuse-leap-15.3 | aarch64 | |
Affected | pkg:rpm/opensuse/MozillaFirefox-translations-other?arch=x86_64&distro=opensuse-leap-15.3 | opensuse | MozillaFirefox-translations-other | < 91.7.0-152.22.1 | opensuse-leap-15.3 | x86_64 | |
Affected | pkg:rpm/opensuse/MozillaFirefox-translations-other?arch=s390x&distro=opensuse-leap-15.3 | opensuse | MozillaFirefox-translations-other | < 91.7.0-152.22.1 | opensuse-leap-15.3 | s390x | |
Affected | pkg:rpm/opensuse/MozillaFirefox-translations-other?arch=ppc64le&distro=opensuse-leap-15.3 | opensuse | MozillaFirefox-translations-other | < 91.7.0-152.22.1 | opensuse-leap-15.3 | ppc64le | |
Affected | pkg:rpm/opensuse/MozillaFirefox-translations-other?arch=aarch64&distro=opensuse-leap-15.3 | opensuse | MozillaFirefox-translations-other | < 91.7.0-152.22.1 | opensuse-leap-15.3 | aarch64 | |
Affected | pkg:rpm/opensuse/MozillaFirefox-translations-common?arch=x86_64&distro=opensuse-leap-15.3 | opensuse | MozillaFirefox-translations-common | < 91.7.0-152.22.1 | opensuse-leap-15.3 | x86_64 | |
Affected | pkg:rpm/opensuse/MozillaFirefox-translations-common?arch=s390x&distro=opensuse-leap-15.3 | opensuse | MozillaFirefox-translations-common | < 91.7.0-152.22.1 | opensuse-leap-15.3 | s390x | |
Affected | pkg:rpm/opensuse/MozillaFirefox-translations-common?arch=ppc64le&distro=opensuse-leap-15.3 | opensuse | MozillaFirefox-translations-common | < 91.7.0-152.22.1 | opensuse-leap-15.3 | ppc64le | |
Affected | pkg:rpm/opensuse/MozillaFirefox-translations-common?arch=aarch64&distro=opensuse-leap-15.3 | opensuse | MozillaFirefox-translations-common | < 91.7.0-152.22.1 | opensuse-leap-15.3 | aarch64 | |
Affected | pkg:rpm/opensuse/MozillaFirefox-devel?arch=x86_64&distro=opensuse-leap-15.3 | opensuse | MozillaFirefox-devel | < 91.7.0-152.22.1 | opensuse-leap-15.3 | x86_64 | |
Affected | pkg:rpm/opensuse/MozillaFirefox-devel?arch=s390x&distro=opensuse-leap-15.3 | opensuse | MozillaFirefox-devel | < 91.7.0-152.22.1 | opensuse-leap-15.3 | s390x | |
Affected | pkg:rpm/opensuse/MozillaFirefox-devel?arch=ppc64le&distro=opensuse-leap-15.3 | opensuse | MozillaFirefox-devel | < 91.7.0-152.22.1 | opensuse-leap-15.3 | ppc64le | |
Affected | pkg:rpm/opensuse/MozillaFirefox-devel?arch=aarch64&distro=opensuse-leap-15.3 | opensuse | MozillaFirefox-devel | < 91.7.0-152.22.1 | opensuse-leap-15.3 | aarch64 | |
Affected | pkg:rpm/opensuse/MozillaFirefox-branding-upstream?arch=x86_64&distro=opensuse-leap-15.3 | opensuse | MozillaFirefox-branding-upstream | < 91.7.0-152.22.1 | opensuse-leap-15.3 | x86_64 | |
Affected | pkg:rpm/opensuse/MozillaFirefox-branding-upstream?arch=s390x&distro=opensuse-leap-15.3 | opensuse | MozillaFirefox-branding-upstream | < 91.7.0-152.22.1 | opensuse-leap-15.3 | s390x | |
Affected | pkg:rpm/opensuse/MozillaFirefox-branding-upstream?arch=ppc64le&distro=opensuse-leap-15.3 | opensuse | MozillaFirefox-branding-upstream | < 91.7.0-152.22.1 | opensuse-leap-15.3 | ppc64le | |
Affected | pkg:rpm/opensuse/MozillaFirefox-branding-upstream?arch=aarch64&distro=opensuse-leap-15.3 | opensuse | MozillaFirefox-branding-upstream | < 91.7.0-152.22.1 | opensuse-leap-15.3 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |