[SUSE-SU-2022:1921-1] Security update for MozillaFirefox

Severity Important

Affected Packages 39

CVEs 8

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 91.10.0 ESR (MFSA 2022-21)(bsc#1200027)

CVE-2022-31736: Cross-Origin resource's length leaked
CVE-2022-31737: Heap buffer overflow in WebGL
CVE-2022-31738: Browser window spoof using fullscreen mode
CVE-2022-31739: Attacker-influenced path traversal when saving downloaded files
CVE-2022-31740: Register allocation problem in WASM on arm64
CVE-2022-31741: Uninitialized variable leads to invalid memory read
CVE-2022-31742: Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information
CVE-2022-31747: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10

Package	Affected Version
pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=5	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=4	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=3	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=2	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=5	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=4	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=3	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=5	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=4	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=3	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=5	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=4	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=3	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=5	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=4	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=3	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=2	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=5	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=4	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=3	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=5	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=4	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=3	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-12&sp=5	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-12&sp=4	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-12&sp=3	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=5	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=4	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=3	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=2	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-devel?arch=s390x&distro=sles-12&sp=5	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-devel?arch=s390x&distro=sles-12&sp=4	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-devel?arch=s390x&distro=sles-12&sp=3	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-devel?arch=ppc64le&distro=sles-12&sp=5	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-devel?arch=ppc64le&distro=sles-12&sp=4	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-devel?arch=ppc64le&distro=sles-12&sp=3	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-devel?arch=aarch64&distro=sles-12&sp=5	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-devel?arch=aarch64&distro=sles-12&sp=4	< 91.10.0-112.114.1
pkg:rpm/suse/MozillaFirefox-devel?arch=aarch64&distro=sles-12&sp=3	< 91.10.0-112.114.1

ID

SUSE-SU-2022:1921-1

Severity

important

URL

https://www.suse.com/support/update/announcement/2022/suse-su-20221921-1/

Published

2022-06-02T11:06:59
(2 years ago)

Modified

2022-06-02T11:06:59
(2 years ago)

Rights

Other Advisories

Source	Name	URL
Suse	SUSE ratings	https://www.suse.com/support/security/rating/
Suse	URL of this CSAF notice	https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1921-1.json
Suse	URL for SUSE-SU-2022:1921-1	https://www.suse.com/support/update/announcement/2022/suse-su-20221921-1/
Suse	E-Mail link for SUSE-SU-2022:1921-1	https://lists.suse.com/pipermail/sle-security-updates/2022-June/011223.html
Bugzilla	SUSE Bug 1200027	https://bugzilla.suse.com/1200027
CVE	SUSE CVE CVE-2022-31736 page	https://www.suse.com/security/cve/CVE-2022-31736/
CVE	SUSE CVE CVE-2022-31737 page	https://www.suse.com/security/cve/CVE-2022-31737/
CVE	SUSE CVE CVE-2022-31738 page	https://www.suse.com/security/cve/CVE-2022-31738/
CVE	SUSE CVE CVE-2022-31739 page	https://www.suse.com/security/cve/CVE-2022-31739/
CVE	SUSE CVE CVE-2022-31740 page	https://www.suse.com/security/cve/CVE-2022-31740/
CVE	SUSE CVE CVE-2022-31741 page	https://www.suse.com/security/cve/CVE-2022-31741/
CVE	SUSE CVE CVE-2022-31742 page	https://www.suse.com/security/cve/CVE-2022-31742/
CVE	SUSE CVE CVE-2022-31747 page	https://www.suse.com/security/cve/CVE-2022-31747/

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch
Affected	pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=5	suse	MozillaFirefox	< 91.10.0-112.114.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=4	suse	MozillaFirefox	< 91.10.0-112.114.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=3	suse	MozillaFirefox	< 91.10.0-112.114.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=2	suse	MozillaFirefox	< 91.10.0-112.114.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=5	suse	MozillaFirefox	< 91.10.0-112.114.1	sles-12	s390x
Affected	pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=4	suse	MozillaFirefox	< 91.10.0-112.114.1	sles-12	s390x
Affected	pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=3	suse	MozillaFirefox	< 91.10.0-112.114.1	sles-12	s390x
Affected	pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=5	suse	MozillaFirefox	< 91.10.0-112.114.1	sles-12	ppc64le
Affected	pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=4	suse	MozillaFirefox	< 91.10.0-112.114.1	sles-12	ppc64le
Affected	pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=3	suse	MozillaFirefox	< 91.10.0-112.114.1	sles-12	ppc64le
Affected	pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=5	suse	MozillaFirefox	< 91.10.0-112.114.1	sles-12	aarch64
Affected	pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=4	suse	MozillaFirefox	< 91.10.0-112.114.1	sles-12	aarch64
Affected	pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=3	suse	MozillaFirefox	< 91.10.0-112.114.1	sles-12	aarch64
Affected	pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=5	suse	MozillaFirefox-translations-common	< 91.10.0-112.114.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=4	suse	MozillaFirefox-translations-common	< 91.10.0-112.114.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=3	suse	MozillaFirefox-translations-common	< 91.10.0-112.114.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=2	suse	MozillaFirefox-translations-common	< 91.10.0-112.114.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=5	suse	MozillaFirefox-translations-common	< 91.10.0-112.114.1	sles-12	s390x
Affected	pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=4	suse	MozillaFirefox-translations-common	< 91.10.0-112.114.1	sles-12	s390x
Affected	pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=3	suse	MozillaFirefox-translations-common	< 91.10.0-112.114.1	sles-12	s390x
Affected	pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=5	suse	MozillaFirefox-translations-common	< 91.10.0-112.114.1	sles-12	ppc64le
Affected	pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=4	suse	MozillaFirefox-translations-common	< 91.10.0-112.114.1	sles-12	ppc64le
Affected	pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=3	suse	MozillaFirefox-translations-common	< 91.10.0-112.114.1	sles-12	ppc64le
Affected	pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-12&sp=5	suse	MozillaFirefox-translations-common	< 91.10.0-112.114.1	sles-12	aarch64
Affected	pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-12&sp=4	suse	MozillaFirefox-translations-common	< 91.10.0-112.114.1	sles-12	aarch64
Affected	pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-12&sp=3	suse	MozillaFirefox-translations-common	< 91.10.0-112.114.1	sles-12	aarch64
Affected	pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=5	suse	MozillaFirefox-devel	< 91.10.0-112.114.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=4	suse	MozillaFirefox-devel	< 91.10.0-112.114.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=3	suse	MozillaFirefox-devel	< 91.10.0-112.114.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=2	suse	MozillaFirefox-devel	< 91.10.0-112.114.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox-devel?arch=s390x&distro=sles-12&sp=5	suse	MozillaFirefox-devel	< 91.10.0-112.114.1	sles-12	s390x
Affected	pkg:rpm/suse/MozillaFirefox-devel?arch=s390x&distro=sles-12&sp=4	suse	MozillaFirefox-devel	< 91.10.0-112.114.1	sles-12	s390x
Affected	pkg:rpm/suse/MozillaFirefox-devel?arch=s390x&distro=sles-12&sp=3	suse	MozillaFirefox-devel	< 91.10.0-112.114.1	sles-12	s390x
Affected	pkg:rpm/suse/MozillaFirefox-devel?arch=ppc64le&distro=sles-12&sp=5	suse	MozillaFirefox-devel	< 91.10.0-112.114.1	sles-12	ppc64le
Affected	pkg:rpm/suse/MozillaFirefox-devel?arch=ppc64le&distro=sles-12&sp=4	suse	MozillaFirefox-devel	< 91.10.0-112.114.1	sles-12	ppc64le
Affected	pkg:rpm/suse/MozillaFirefox-devel?arch=ppc64le&distro=sles-12&sp=3	suse	MozillaFirefox-devel	< 91.10.0-112.114.1	sles-12	ppc64le
Affected	pkg:rpm/suse/MozillaFirefox-devel?arch=aarch64&distro=sles-12&sp=5	suse	MozillaFirefox-devel	< 91.10.0-112.114.1	sles-12	aarch64
Affected	pkg:rpm/suse/MozillaFirefox-devel?arch=aarch64&distro=sles-12&sp=4	suse	MozillaFirefox-devel	< 91.10.0-112.114.1	sles-12	aarch64
Affected	pkg:rpm/suse/MozillaFirefox-devel?arch=aarch64&distro=sles-12&sp=3	suse	MozillaFirefox-devel	< 91.10.0-112.114.1	sles-12	aarch64

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date