[SUSE-SU-2024:1770-1] Security update for MozillaFirefox

Severity Important
CVEs 15

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues:

Update to version 115.11.0 ESR (bsc#1224056):

  • CVE-2024-4367: Arbitrary JavaScript execution in PDF.js
  • CVE-2024-4767: IndexedDB files retained in private browsing mode
  • CVE-2024-4768: Potential permissions request bypass via clickjacking
  • CVE-2024-4769: Cross-origin responses could be distinguished between script and non-script content-types
  • CVE-2024-4770: Use-after-free could occur when printing to PDF
  • CVE-2024-4777: Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1770-1.json
Suse URL for SUSE-SU-2024:1770-1 https://www.suse.com/support/update/announcement/2024/suse-su-20241770-1/
Suse E-Mail link for SUSE-SU-2024:1770-1 https://lists.suse.com/pipermail/sle-security-updates/2024-May/018597.html
Bugzilla SUSE Bug 1222535 https://bugzilla.suse.com/1222535
Bugzilla SUSE Bug 1224056 https://bugzilla.suse.com/1224056
CVE SUSE CVE CVE-2024-2609 page https://www.suse.com/security/cve/CVE-2024-2609/
CVE SUSE CVE CVE-2024-3302 page https://www.suse.com/security/cve/CVE-2024-3302/
CVE SUSE CVE CVE-2024-3852 page https://www.suse.com/security/cve/CVE-2024-3852/
CVE SUSE CVE CVE-2024-3854 page https://www.suse.com/security/cve/CVE-2024-3854/
CVE SUSE CVE CVE-2024-3857 page https://www.suse.com/security/cve/CVE-2024-3857/
CVE SUSE CVE CVE-2024-3859 page https://www.suse.com/security/cve/CVE-2024-3859/
CVE SUSE CVE CVE-2024-3861 page https://www.suse.com/security/cve/CVE-2024-3861/
CVE SUSE CVE CVE-2024-3863 page https://www.suse.com/security/cve/CVE-2024-3863/
CVE SUSE CVE CVE-2024-3864 page https://www.suse.com/security/cve/CVE-2024-3864/
CVE SUSE CVE CVE-2024-4367 page https://www.suse.com/security/cve/CVE-2024-4367/
CVE SUSE CVE CVE-2024-4767 page https://www.suse.com/security/cve/CVE-2024-4767/
CVE SUSE CVE CVE-2024-4768 page https://www.suse.com/security/cve/CVE-2024-4768/
CVE SUSE CVE CVE-2024-4769 page https://www.suse.com/security/cve/CVE-2024-4769/
CVE SUSE CVE CVE-2024-4770 page https://www.suse.com/security/cve/CVE-2024-4770/
CVE SUSE CVE CVE-2024-4777 page https://www.suse.com/security/cve/CVE-2024-4777/
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date
Loading...